topic-23747

Posts: 44158

Joined: Thu Oct 06, 2005 05:47 PM

Signing apps for Windows 8 Metro
Posted: Sat Mar 24, 2012 12:00 PM

For those of you that already have started learning to develop apps for the iPhone/iPad you may remember how complex (as we are not used to it) is to sign apps and all the certificates stuff. Well, the news are that in Windows 8 Metro those signing requirements are there too.

I have been several days learning the signing process for Windows 8 Metro apps. For development, Windows allows us to issue a fake authority certificate (this will just work on our computer) and using this certificate, we issue a personal one to sign our apps.

1. Create a fake "Trusted root Certification authority"

2. Create a personal certificate "authorized" by our fake previous certificate

Using a batch gocert.bat:

Code (fw): Select all Collapse

c:\"Program Files (x86)\Windows Kits"\8.0\bin\x86\makecert -n "CN=fivetechauthority" -sr currentuser -ss root -a sha1 -cy authority -r -sk fivetechauthority.cer
c:\"Program Files (x86)\Windows Kits"\8.0\bin\x86\makecert -n "CN=fivetech" -sr currentuser -ss my -cy end -sky exchange -a sha1 -is root -ir currentuser -in fivetechauthority -sk fivetech.cer

There are several ways to check that it worked as expected. From the Internet Explorer we can review "Internet options", "Content", "Certificates". Here "fivetechauthority" is listed as a trusted certification authority, and we have also a personal certificate "authorized" by the "fivetechauthority"

The final step is to check the "thumbprint" of our personal certificate, as it is required to sign our apps. We use Windows "powershell" to inspect our certificates:

Code (fw): Select all Collapse

c:\>powershell
Windows PowerShell
Copyright (C) 2011 Microsoft Corporation. All rights reserved.

PS C:\> dir cert:\currentuser\my

    Directory: Certificate::currentuser\my

Thumbprint                                Subject
----------                                -------
1CAE9F6CEA30F8EBB2A78FBDC720F90770FB79B4  CN=fivetech

PS C:\> exit

c:\>

"C:\program files (x86)\Windows Kits\8.0\bin\x64\signtool.exe" sign /fd sha256 /sha1 1CAE9F6CEA30F8EBB2A78FBDC720F90770FB79B4 MyApp.appx
(yes, new name of our apps too. More on next posts)

regards, saludos

Antonio Linares
www.fivetechsoft.com

norberto

Posts: 566

Joined: Thu Aug 30, 2007 03:40 PM

Re: Signing apps for Windows 8 Metro
Posted: Sat Mar 24, 2012 12:45 PM

Antonio, i have this problem with windows 7, when appl run of network, says : this appl dont have an certificado, how make this to my exe in windows 7? thanks

Antonio Linares

Posts: 44158

Joined: Thu Oct 06, 2005 05:47 PM

Re: Signing apps for Windows 8 Metro
Posted: Sat Mar 24, 2012 12:47 PM

Norberto,

Look for makecert.exe in Windows 7 and try to do it the same way :-)

regards, saludos

Antonio Linares
www.fivetechsoft.com

Antonio Linares

Posts: 44158

Joined: Thu Oct 06, 2005 05:47 PM

Re: Signing apps for Windows 8 Metro
Posted: Sun Mar 25, 2012 11:18 AM

If getting the error:
Deployment failed with HRESULT: 0x800B0109

From a terminal window run: mmc

"File", "Add/Remove Snap-in", "certificates", select "computer account" !!!

Add the personal and trusted certificates

Solved!!!

regards, saludos

Antonio Linares
www.fivetechsoft.com

hag

Posts: 598

Joined: Tue Apr 15, 2008 04:51 PM

Re: Signing apps for Windows 8 Metro
Posted: Thu Mar 29, 2012 10:09 PM

followed the instructions in the thread Antonio submitted and check internet tools. certificate was there expept NOT the personal one. Did I do something wrong.
Checked Powershaares and the thumbprint worked fine.

Now do I need to purchase a certificate to run signtool and get "my" properly certificated and do I need to do this after every update of "my"?
Is there a place to get a cerficate at a reasonable price. Verisign is VERY expensive.

Thank you

Harvey

FiveTech Support Forums

Continue the discussion