locked
Code Signing Cert works in VS 2008 but not in 2013

    Question

  • A certificate with intendet purpose set to "<all>" I could use to sign code in VS2008. The same cert does not work in VS2013 to sign a Windows Store app. Any ideas why that might be and where I can check why VS does not accept the cert? There are no event Log entries for that, are there?
    Friday, March 21, 2014 5:07 PM

Answers

All replies

  • Why are you trying to sign your appx package using your own certificate? Are you trying to side-load your Windows Store app?

    What error do you see when you try to use the SignTool utility to sign your appx package?

    http://msdn.microsoft.com/en-us/library/windows/desktop/hh446767(v=vs.85).aspx


    Windows Store Developer Solutions, follow us on Twitter: @WSDevSol|| Want more solutions? See our blog

    Friday, March 21, 2014 7:20 PM
    Moderator
  • correct, I wan to side-load the app at a customers PC.

    Using signtool on my appx package reveals no error:

    c:\dev\>signtool sign /a /v /fd SHA256 /f shared\cert\signing.pfx app\AppPackages\app_1.0.0.0_x86_Debug_Test\app_1.0.0.0_x86_Debug.appx
    The following certificate was selected:
        Issued to: XXX Software Code Signing CA
        Issued by: XXX Root Certificate Authority
        Expires:   Sun Jan 01 00:59:59 2040
        SHA1 hash: FE4CF91DA87B23B7F7A1F0E27CA093940C9F83CA

    Done Adding Additional Store
    Successfully signed: app\AppPackages\app_1.0.0.0_x86_Debug_Test\app_1.0.0.0_x86_Debug.appx

    Number of files successfully Signed: 1

    Number of warnings: 0
    Number of errors: 0

    But if i check the appx cert using Explorer property sheet it still contains the temporary cert created by VS.

    So, whats going on here?

    Friday, March 21, 2014 7:37 PM
  • I don't know why you didn't get an error, but for the package to be actually signed with your certificate, you will need to also adjust the <Identity ... Publisher="CN=<issued to>"> value in the compiled manifest file. This should allow you to sign the app package with the right certificate. This link talks about it...http://msdn.microsoft.com/en-us/library/windows/desktop/jj835835(v=vs.85).aspx

    Windows Store Developer Solutions, follow us on Twitter: @WSDevSol|| Want more solutions? See our blog

    Friday, March 21, 2014 10:03 PM
    Moderator