[BUG] Cannot find publisher when signtool_options is set but doesn't contains any certificate signing options

[mullerch]

:information_source: Info

Version: v3.12.2

Flutter (Channel stable, 3.10.0, on Microsoft Windows [Version 10.0.19045.2965], locale en-CH)

:speech_balloon: Description

I was building and signing my software fine with msix with version 3.6.3.

I had to upgrade with flutter 3 and cross dependencies. After upgrading, I had an error regarding missing "publisher":

Building package executable... (12.1s)
Built msix:create.
running "flutter build windows"...     72.2s
building msix files...                  
could not find the Publisher value.
you must provide the Publisher value at "msix_config: publisher" in the pubspec.yaml file
the Publisher is the certificate "Subject" in this exact format: "CN=Contoso Software, O=Contoso Corporation, C=US"
see where you can found your certificate Subject:
https://user-images.githubusercontent.com/946652/198945956-ec2ca7f2-36e9-4dfc-959b-48bcd191d82d.png

I didn't see anything related to this in the changelog. Still, after adding the publisher, I get the following error:

Resolving dependencies in ... (1.9s)
Got dependencies in ....
Building package executable... (14.8s)
Built msix:create.
running "flutter build windows"...     156.0s
building msix files...                 75.1s
packing msix files...                   

Unhandled exception:
SignTool Error: No certificates were found that met all the given criteria.

#0      ProcessResultExtensions.exitOnError (package:msix/src/method_extensions.dart:61:7)
#1      SignTool.sign (package:msix/src/sign_tool.dart:248:9)
<asynchronous suspension>
#2      Msix._packMsixFiles (package:msix/msix.dart:137:7)
<asynchronous suspension>
#3      Msix._createMsix (package:msix/msix.dart:99:5)
<asynchronous suspension>
#4      Msix.create (package:msix/msix.dart:57:5)
<asynchronous suspension>
#5      main (file:///.../AppData/Local/Pub/Cache/hosted/pub.dev/msix-3.12.2/bin/create.dart:4:3)
<asynchronous suspension>

I'm using dart run msix:create --certificate-path <path> --certificate-password <password>. My guess here is there is an issue with this option and the certificate is not used. Therefore it was asking for the publisher as it could not get it from the certificate.

Can you confirm the certificate-path option works as expected?

Please note that the "publisher" does not exactly match the certificate subject name as one of the attribute is not accepted (ST).

:scroll: Pubspec.yaml

msix_config:
  display_name: "Display name"
  identity_name: net.company.name

  publisher: "CN=MyCN, O=MyO, C=MyC"
  publisher_display_name: Company

  install_certificate: false
  signtool_options: "/v"

  architecture: x64
  capabilities: "serialcommunication"
  languages: en-us

  logo_path: "assets/icon.png"

[YehudaKremer]

Hello

Use the latest msix version and remove the publisher config field, and try again please

[mullerch]

If latest version is v3.12.2, that's what I did.

[YehudaKremer]

Okay sorry,

Keep using v3.12.2, remove the publisher config field, and try again please

[mullerch]

After upgrading, I had an error regarding missing "publisher":

I did first try without publisher with v3.12.2.

[YehudaKremer]

Its seems that certificate-path option works as expected for me:

can you please run without publisher and with the -v flag so we can have more detailed log (make sure not to post here sensitive data)

[mullerch]

I found the issue. Please add signtool_options: "/v" in your pubspec and you should be able to reproduce.

https://github.com/YehudaKremer/msix/blob/0c734864217cb3f9c133806fdb32aadd13ccf3ae/lib/src/sign_tool.dart#L25

[YehudaKremer]

I will check it

Thank you for this 👍

[mullerch]

Thanks for your support