search

electron-userland / electron-builder

A complete solution to package and build a ready for distribution Electron app with “auto update” support out of the box
https://www.electron.build
MIT License
13.51k stars 1.73k forks source link

Invalid Identity.Publisher in AppxManifest.xml #3501

Open l7s opened 5 years ago

l7s commented 5 years ago

Build fails with error as below:

Error: Exit code: 1. Command failed: C:\Users\level7\AppData\Local\electron-builder\Cache\winCodeSign\winCodeSign-2.4.0\windows-10\ia32\makeappx.exe pack /o /f C:\Users\level7\Desktop\electron-softphone\electron\dist\__appx-ia32\mapping.txt /p cae0a702dee6d01422d41f5cc1a2734c26bf688087aaf5479190f7bb2aed5f60 (sha256 hash)
Microsoft (R) MakeAppx Tool
Copyright (C) 2013 Microsoft.  All rights reserved.

The path (/p) parameter is: "\\?\C:\Users\level7\Desktop\electron-softphone\electron\dist\VoIPstudio-3.0.45-ia32.appx"
The mapping file (/f) parameter is: "C:\Users\level7\Desktop\electron-softphone\electron\dist\__appx-ia32\mapping.txt"
Reading mapping file "C:\Users\level7\Desktop\electron-softphone\electron\dist\__appx-ia32\mapping.txt"
Packing 128 file(s) listed in "C:\Users\level7\Desktop\electron-softphone\electron\dist\__appx-ia32\mapping.txt" (mapping file) to "\\?\C:\Users\level7\Desktop\electron-softphone\electron\dist\VoIPstudio-3.0.45-ia32.appx" (output file name).
Memory limit defaulting to 1610377216 bytes.
Using "C:\Users\level7\Desktop\electron-softphone\electron\dist\__appx-ia32\AppxManifest.xml" as the manifest for the package.
MakeAppx : error: Error info: /*[local-name()="Package" and namespace-uri()="http://schemas.microsoft.com/appx/manifest/foundation/windows10"]/*[local-name()="Identity" and namespace-uri()="http://schemas.microsoft.com/appx/manifest/foundation/windows10"][1]/@Publisher
'CN=Level 7 Systems Ltd.,O=Level 7 Systems Ltd.,POSTALCODE=N12 0DR,STREET=2 Woodberry Grove+STREET=1st Floor,L=London,ST=Greater London,C=GB' violates pattern constraint of '(CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|Description|PostalCode|POBox|Phone|X21Address|dnQualifier|(OID\.(0|[1-9][0-9]*)(\.(0|[1-9][0-9]*))+))=(([^,+="<>#;])+|".*")(, ((CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|Description|PostalCode|POBox|Phone|X21Address|dnQualifier|(OID\.(0|[1-9][0-9]*)(\.(0|[1-9][0-9]*))+))=(([^,+="<>#;])+|".*")))*'.
The attribute 'Publisher' with value 'CN=Level 7 Systems Ltd.,O=Level 7 Systems Ltd.,POSTALCODE=N12 0DR,STREET=2 Woodberry Grove+STREET=1st Floor,L=London,ST=Greater London,C=GB' failed to parse.
MakeAppx : error: Package creation failed.
MakeAppx : error: 0x80080204 - The specified package format is not valid: The package manifest is not valid.

package.json:

{
  "name": "VoIPstudio",
  "repository": "http://repo.ssl7.net/repo/voipstudio/stable/main/binary",
  "homepage": "https://voipstudio.com",
  "version": "3.0.45",
  "description": "Softphone and IM",
  "main": "main.js",
  "storeBuild": false,
  "productCode": "v",
  "appKey": "voipstudio",
  "apiUrl": {
    "dev": "https://api.l7dev.co.cc/v1",
    "test": "https://api.l7test.co.cc/v1",
    "sandbox": "https://api-sandbox.ssl7.net/v1",
    "prod": "https://l7api.com/v1"
  },
  "updTestServer": "udptest.ssl7.net",
  "scripts": {
    "start": "electron . --dev",
    "prod": "electron . --dev --prodapi",
    "dist": "electron-builder"
  },
  "author": {
    "name": "VoIPstudio",
    "email": "info@voipstudio.com"
  },
  "license": "X11",
  "devDependencies": {
    "electron": "3.0.10",
    "electron-builder": "20.36.2",
    "electron-rebuild": "^1.8.2",
    "electron-debug": "1.1.0"
  },
  "dependencies": {
    "auto-launch": "5.0.5",
    "bindings": "1.3.0",
    "electron-log": "2.2.7",
    "electron-updater": "^4.0.0",
    "is-running": "2.1.0",
    "keytar": "4.3.0",
    "mime-types": "2.1.15",
    "minimist": "0.0.8",
    "node-abi": "^2.4.5",
    "uuid": "3.1.0",
    "ws": "^3.3.2"
  },
  "build": {
    "appId": "com.voipstudio.app",
    "publish": {
      "provider": "generic",
      "url": "https://repo.ssl7.net/release/voipstudio"
    },
    "npmRebuild": false,
    "nodeGypRebuild": false,
    "files": [
      "!dev-host.json",
      "!*.sh",
      "!lib",
      "!lib/*",
      "!build",
      "!build/*",
      "!branding",
      "!branding/*"
    ],
    "mac": {
      "category": "public.app-category.productivity",
      "target": [
        "dmg",
        "zip"
      ],
      "icon": "resources/icon/icon.icns"
    },
    "linux": {
      "category": "Network",
      "target": [
        "deb"
      ],
      "icon": "resources/icon/linux",
      "extraFiles": [
        {
          "from": "lib/${os}/${arch}/libstdc++.so.6",
          "to": "libstdc++.so.6"
        },
        {
          "from": "lib/${os}/${arch}/libstdc++.so.6.0.21",
          "to": "libstdc++.so.6.0.21"
        }
      ]
    },
    "win": {
      "asarUnpack": [ 
        "compiled/10.2.0/win32/ia32/system_idle_time.node",
        "node_modules/keytar/build/Release/win32/ia32/keytar.node"
      ],
      "target": [
        "nsis",
        "appx"
      ],
      "icon": "resources/icon/icon.ico"
    },
    "nsis": {
      "oneClick": true,
      "runAfterFinish": true
    },
    "appx": {
      "publisher": "CN=Level 7 Systems Ltd."
    }
  }
}

AppxManifest.xml:

<?xml version="1.0" encoding="utf-8"?>
<!--suppress XmlUnusedNamespaceDeclaration -->
<Package
   xmlns="http://schemas.microsoft.com/appx/manifest/foundation/windows10"
   xmlns:uap="http://schemas.microsoft.com/appx/manifest/uap/windows10"
   xmlns:desktop="http://schemas.microsoft.com/appx/manifest/desktop/windows10"
   xmlns:rescap="http://schemas.microsoft.com/appx/manifest/foundation/windows10/restrictedcapabilities">
  <!-- use single quotes to avoid double quotes escaping in the publisher value  -->
  <Identity Name="VoIPstudio"
    ProcessorArchitecture="x86"
    Publisher='CN=Level 7 Systems Ltd.,O=Level 7 Systems Ltd.,POSTALCODE=N12 0DR,STREET=2 Woodberry Grove+STREET=1st Floor,L=London,ST=Greater London,C=GB'
    Version="3.0.45.0" />
  <Properties>
    <DisplayName>VoIPstudio</DisplayName>
    <PublisherDisplayName>VoIPstudio</PublisherDisplayName>
    <Description>Softphone and IM</Description>
    <Logo>assets\StoreLogo.png</Logo>
  </Properties>
  <Resources>
    <Resource Language="en-US" />
  </Resources>
  <Dependencies>
    <TargetDeviceFamily Name="Windows.Desktop" MinVersion="10.0.14316.0" MaxVersionTested="10.0.14316.0" />
  </Dependencies>
  <Capabilities>
    <rescap:Capability Name="runFullTrust"/>
  </Capabilities>
  <Applications>
    <Application Id="VoIPstudio" Executable="app\VoIPstudio.exe" EntryPoint="Windows.FullTrustApplication">
      <uap:VisualElements
       BackgroundColor="#464646"
       DisplayName="VoIPstudio"
       Square150x150Logo="assets\Square150x150Logo.png"
       Square44x44Logo="assets\Square44x44Logo.png"
       Description="Softphone and IM">

        <uap:DefaultTile Wide310x150Logo="assets\Wide310x150Logo.png" />

      </uap:VisualElements>

    </Application>
  </Applications>
</Package>

Manually editing and changing line:

    Publisher='CN=Level 7 Systems Ltd.,O=Level 7 Systems Ltd.,POSTALCODE=N12 0DR,STREET=2 Woodberry Grove+STREET=1st Floor,L=London,ST=Greater London,C=GB'

to:

    Publisher='CN=Level 7 Systems Ltd.'

and running:

C:\Users\level7\AppData\Local\electron-builder\Cache\winCodeSign\winCodeSign-2.4.0\windows-10\ia32\makeappx.exe pack /o /f C:\Users\level7\Desktop\electron-softphone\electron\dist\__appx-ia32\mapping.txt /p cae0a702dee6d01422d41f5cc1a2734c26bf688087aaf5479190f7bb2aed5f60

fixes the issue, but not sure how to make this work withing electron-builder packaging flow.

Any suggestions greatly appreciated.

Regards, Chris

elronalds commented 5 years ago

I'm also experiencing this issue when trying to sign an appX for self distribution.

When signing an appX using the certificate environment variables it seems like electron-builder is setting the publisher to the certificate publisher which then fails the regular expression check in Microsoft's MakeAppx tool. This also happens when specifying the certificate outside of the environment variables and in the JSON configuration file.

So when the certificate is set the AppxManifest shows the following and the build fails due to the MakeAppx regular expression not passing.

  <Identity Name="App"
    ProcessorArchitecture="x64"
    Publisher='CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB'
    Version="1.0.0" />

When no certificate is set it shows the following which builds fine, however the appX is unsigned.

  <Identity Name="App"
    ProcessorArchitecture="x64"
    Publisher='CN=Company Ltd'
    Version="1.0.0" />

It looks like it is pulling the publisher name from the code signing certificate incorrectly and this is causing issues.

Nantris commented 5 years ago

it seems like electron-builder is setting the publisher to the certificate publisher which then fails the regular expression check in Microsoft's MakeAppx tool.

That seems like exactly what's happening still in electron-builder@20.38.5. As you mention, you can create an unsigned AppX, but you can't run that outside the store.

Nantris commented 5 years ago

Using @elronalds's method I got the Appx to build and managed to sign it, but it can't be run because: "Ask the app developer for a new app package. This one isn't signed with a trusted certificate (0x800B0100)"

This occurs even with all the Windows 10 development features enabled.

stale[bot] commented 5 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Nantris commented 4 years ago

This remains an issue. Being unable to test an AppX makes submission to the app store virtually impossible. I'm told my AppX doesn't run and how to test it by Microsoft and get it approved. In theory, great. In practice, it's been a year and we're still not on the Windows Store.

Any update would be really great.

@JoSe086 - updating you to let you know I';m alive and still having this issue myself.

Chrisbright10 commented 4 years ago

Please Re-open this issue, Apparently the Regex for electron-builder doesn't recognize ST value that some certificates provide. Can we update the Regex to allow for ST? I am having the same issue as this person is and it seems to be connected to the "ST" value that is being used for State in the USA.

develar commented 4 years ago

@Chrisbright10 Could you please send pull request?

Chrisbright10 commented 4 years ago

I truly wish i could but i cant seem to find where the Regex is that is listed below. I would just be adding the ST option to the list. I have contacted my Code signing cert issuer to see if i could get State listed as a different field in the meantime, but fixing it this way would be better. I have listed my error and stacktrace below, hopefully it will help in finding the regex pattern and being able to change it. I searched for about 2 hours through the package and couldn't seem to find where the pattern is stored.

Using "D:\Projects\trueadherenceapp\release__appx-x64\AppxManifest.xml" as the manifest for the package. MakeAppx : error: Error info: /[local-name()="Package" and namespace-uri()="http://schemas.microsoft.com/appx/manifest/foundation/windows10"]/[local-name()="Identity" and namespace-uri()="http://schemas.microsoft.com/appx/manifest/foundation/windows10"][1]/@Publisher 'CN=True Adherence Inc,O=True Adherence Inc,L=Salt Lake City,ST=Utah,C=US' violates pattern constraint of '(CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|Description|PostalCode|POBox|Phone|X21Address|dnQualifier|(OID.(0|[1-9][0-9])(.(0|[1-9][0-9]))+))=(([^,+="<>#;])+|".")(, ((CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|Description|PostalCode|POBox|Phone|X21Address|dnQualifier|(OID.(0|[1-9][0-9])(.(0|[1-9][0-9]))+))=(([^,+="<>#;])+|".")))*'. The attribute 'Publisher' with value 'CN=True Adherence Inc,O=True Adherence Inc,L=Salt Lake City,ST=Utah,C=US' failed to parse. MakeAppx : error: Package creation failed. MakeAppx : error: 0x80080204 - The specified package format is not valid: The package manifest is not valid. stackTrace= Error: Exit code: 1. Command failed: C:\Users\chris\AppData\Local\electron-builder\Cache\winCodeSign\winCodeSign-2.6.0\windows-10\x64\makeappx.exe pack /o /f D:\Projects\trueadherenceapp\release__appx-x64\mapping.txt /p b142b6716aa7f7dca75af001c90acf438281f8369b20a86292621350b47fa118 (sha256 hash) 0.4.0.appx

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Microsoft (R) MakeAppx Tool
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Copyright (C) 2013 Microsoft.  All rights reserved.

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             The path (/p) parameter is: "\\?\D:\Projects\trueadherenceapp\release\TrueAdherenceApp 0.4.0.appx"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             The mapping file (/f) parameter is: "D:\Projects\trueadherenceapp\release\__appx-x64\mapping.txt"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Reading mapping file "D:\Projects\trueadherenceapp\release\__appx-x64\mapping.txt"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Packing 76 file(s) listed in "D:\Projects\trueadherenceapp\release\__appx-x64\mapping.txt" (mapping file) to "\\?\D:\Projects\trueadherenceapp\release\TrueAdherenceApp 0.4.0.appx" (output file name).
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Memory limit defaulting to 8481527808 bytes.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Using "D:\Projects\trueadherenceapp\release\__appx-x64\AppxManifest.xml" as the manifest for the package.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             MakeAppx : error: Error info: /*[local-name()="Package" and namespace-uri()="http://schemas.microsoft.com/appx/manifest/foundation/windows10"]/*[local-name()="Identity" and namespace-uri()="http://schemas.microsoft.com/appx/manifest/foundation/windows10"][1]/@Publisher
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             'CN=True Adherence Inc,O=True Adherence Inc,L=Salt Lake City,ST=Utah,C=US' violates pattern constraint of '(CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|Description|PostalCode|POBox|Phone|X21Address|dnQualifier|(OID\.(0|[1-9][0-9]*)(\.(0|[1-9][0-9]*))+))=(([^,+="<>#;])+|".*")(, ((CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|Description|PostalCode|POBox|Phone|X21Address|dnQualifier|(OID\.(0|[1-9][0-9]*)(\.(0|[1-9][0-9]*))+))=(([^,+="<>#;])+|".*")))*'.
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             The attribute 'Publisher' with value 'CN=True Adherence Inc,O=True Adherence Inc,L=Salt Lake City,ST=Utah,C=US' failed to parse.

MakeAppx : error: Package creation failed. MakeAppx : error: 0x80080204 - The specified package format is not valid: The package manifest is not valid.

at D:\Projects\trueadherenceapp\node_modules\builder-util\src\util.ts:125:16 at ChildProcess.exithandler (child_process.js:302:5) at ChildProcess.emit (events.js:210:5) at maybeClose (internal/child_process.js:1021:16) at Process.ChildProcess._handle.onexit (internal/child_process.js:283:5)

Chrisbright10 commented 4 years ago

Here is a way that you could verify the failing test.... in test\src\windows\winCodeSignTest.ts alter the first test to the following.

test("parseDn", () => { expect(parseDn("CN=7digital Limited, O=7digital Limited, L=London, ST= Greater London, C=GB")).toMatchSnapshot()

expect(safeLoad("publisherName:\n - 7digital Limited")).toMatchObject({publisherName: ["7digital Limited"]}) })

this should cause that test to fail and should help you trace where to fix it.

pedronieto84 commented 4 years ago

Hello, I am encountering the same problem with Sectigo Certificate.

MakeAppx : error: Error info: /[local-name()="Package" and namespace-uri()="http://schemas.microsoft.com/appx/manifest/foundation/windows10"]/[local-name()="Identity" and namespace-uri()="http://schemas.microsoft.com/appx/manifest/foundation/windows10"][1]/@Publisher 'CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB' viola la restricci�n pattern de '(CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|Description|PostalCode|POBox|Phone|X21Address|dnQualifier|(OID.(0|[1-9][0-9])(.(0|[1-9][0-9]))+))=(([^,+="<>#;])+|".")(, ((CN|L|O|OU|E|C|S|STREET|T|G|I|SN|DC|SERIALNUMBER|Description|PostalCode|POBox|Phone|X21Address|dnQualifier|(OID.(0|[1-9][0-9])(.(0|[1-9][0-9]))+))=(([^,+="<>#;])+|".")))*'.

Any idea on how to fix it?

pedronieto84 commented 4 years ago

I don't know if might be related or not, but if you try to navigate directly to http://schemas.microsoft.com/appx/manifest/foundation/windows10

you get a 404 Error Response.

url

pedronieto84 commented 4 years ago

And if you go here https://regex101.com/ And you put the REGEXP and the String to test, it parses correctly.

regexp

Chrisbright10 commented 4 years ago

And if you go here https://regex101.com/ And you put the REGEXP and the String to test, it parses correctly.

regexp

That is not parsing correctly as you can see the first item parses, it has blue highlighting on CN= but the ST is not highlighted, showing it does not correctly identify that as a valid option. I have been in contact with Ksoftware and they say they run into this problem commonly for the windows store and there is a way they can remove the fields and reissue the cert to get around this issue. But the Regex still needs to be updated to fix this issue, this additional data is unfortunately irrelevant.

greenimpala commented 4 years ago

Can confirm this is an issue when testing AppX locally with my Sectigo code signing cert.

The attribute 'Publisher' with value 'CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB' failed to parse.
jameshfisher commented 4 years ago

So I just discovered this issue after describing it in detail here: https://github.com/electron-userland/electron-builder/issues/4931

jameshfisher commented 4 years ago

I don't understand why people here are describing the issue as specific to Sectigo. My certificate is also from Sectigo, but I don't think that's my issue. electron-builder sets the Publisher in my AppxManifest.xml to my personal name, rather than the CN of my certificate authority (Sectigo). The real issue for me is that electron-builder/app-builder mangles my CN, such that makeappx rejects it.

jameshfisher commented 4 years ago

Maybe it would be possible to work around this issue if I could just pass a custom AppxManifest.xml. Is there any progress on https://github.com/electron-userland/electron-builder/issues/3072 ?

ncortines commented 2 years ago

Hi,

I'm trying to build APPX distributable for internal enterprise use (no Windows Store).

Unfortunately our certificate contains ST and the MakeAppx tools fails during publisher validation.

Is there some workaround for this?

Thanks, Juan

MarkusSvensson commented 2 years ago

I faced this problem and was able to sign my appx by setting appx.publisher in my electron-builder config to the certificate subject (which has S= instead of ST=). Not sure if it can help anyone in this thread.

haoxi911 commented 5 months ago

I can confirm that changing ST to S in the appx.publisher setting helps. Also, make sure to add proper quotes and spaces, for example:

CN="Sectigo RSA Code Signing CA", O="Sectigo Limited", L=Salford, S="Greater Manchester", C=GB

esnosy commented 2 months ago

same problem here :/ using a publisher name without spaces works but ofcourse signing fails :/

esnosy commented 2 months ago

I found this https://techcommunity.microsoft.com/t5/msix/msix-packageing-tool-signtool-certificate-issues/m-p/225093/highlight/true#M71

esnosy commented 2 months ago

more clues https://techcommunity.microsoft.com/t5/msix/msix-packageing-tool-signtool-certificate-issues/m-p/2133583/highlight/true#M78

esnosy commented 2 months ago

I finally solved it,

I had to use the entire certificate "subject" line and not only the CN part (thanks for hint: https://techcommunity.microsoft.com/t5/msix/msix-packageing-tool-signtool-certificate-issues/m-p/2133583/highlight/true#M78)

I used the command from here https://community.qlik.com/t5/Official-Support-Articles/How-to-find-certificates-by-thumbprint-or-name-with-powershell/ta-p/1711332

to get the subject line

PS C:\Users\Eyad> (Get-ChildItem -path 'Cert:\*4ae3d89dc7440d4533b99fb4977e114e4a0f052d' -Recurse).Subject
CN="Open Source Developer, Eyad Ahmed", O=Open Source Developer, L=Alexandria, S=Alexandria, C=EG

I also had to replace double quotes with their xml escape value (https://stackoverflow.com/a/3961530/8094047)

subject_line = 'CN="Open Source Developer, Eyad Ahmed", O=Open Source Developer, L=Alexandria, S=Alexandria, C=EG'
publisher = subject_line.replace('"', "&quot;")