Open jasonvooo opened 4 months ago
I'm not aware of an issue with the replacement of MSIX signatures. This case is covered by a unit test in APPXSignerTest.
If you change the extension of the signed file to .zip
and open the archive, do you see an AppxSignature.p7x
entry?
When exporting as a zip I see the AppxSignature.p7x
file but when opening the file through explorer properties you cannot see the digital signature.
Before and after running jsign with --replace
Could you send the two files, before and after replacing the signature, to ebourg@apache.org please? I'd like to inspect them.
I've been able to reproduce this behavior, the missing 'Digital Signatures' tab happens when the primary signature of the package is made with a certificate whose CN doesn't match the publisher name in the app manifest. signtool usually returns an error code 0x8007000B when verifying such files.
I'll modify Jsign to check the CN before signing MSIX packages.
Thanks for releasing 6.0 with msix installer!
I am running into an issue with using the
--replace
option when using jsign to sign amsix
package. I am under the impression that when using this flag it should replace the existing signature and replace it with the new signature however when running it results in an artefact that has no signature present.