Open milindgoel15 opened 1 year ago
YehudaKremer
commented
1 year ago Hello @milindgoel15
Thanks for the bug report.
I think its bug with the Msix installer, the current behavior is to display the "Publisher" (CN) value from the certificate used to sign the msix file, or show "Unknow" if the msix is not signed.
found this bug: https://github.com/microsoft/winget-cli/discussions/2073#discussioncomment-2524324
milindgoel15
commented
1 year ago So it only happens if we use a test certificate to sign the msix?
YehudaKremer
commented
1 year ago Yes,
If you will sign with your own certificate you will see your "publisher" (the CN part) of your certificate.
milindgoel15
commented
1 year ago Alright, so when signing the app, we add the certificate path and password into pubspec, shouldn't the password stay out of pubspec to keep it out of git? or certificate passwords don't matter much on windows?
Adam-Langley
commented
2 months ago Just some supplemental documentation for people using AzureSignTool to sign their MSIX after packaging...
Make sure you configure "sign_msix: false" (i.e, disable signing as part of the msix packaging process") otherwise when you sign your MSIX in a post-processing action, the publisher name in the embedded AppManifest.xml will be "Msix Testing" - of course that will not match your Azure KeyVault certificate publisher, and AzureSignTool will fail with The Publisher Identity in the AppxManifest.xml does not match the subject on the certificate.
:information_source: Info
Version:
3.16.1:speech_balloon: Description
The publisher name doesn't come as per the one written in the config.
msix logs: pub_log.txt
:scroll: Pubspec.yaml
We ask that you include your pubspec.yaml file as a common problem we have seen has been the pubspec.yaml file being incorrect
the copy of pubspec is also there in pub_log.txt.