timmangan
Posts: 47
Joined: Fri Mar 30, 2018 1:17 pm

Ability to add /pb option to makemsix command line.

Microsoft has identified a process that will allow a MSIX package to be upgraded when the new version of the package is signed with a different code signing certificate. The steps are outlined https://docs.microsoft.com/en-us/window ... t-identity.

Why is this necessary? Because public CAs generating the code signing certificate are forcing changes in the subject field of the cert. A year ago they dropped the POSTAL field and this year we see them insisting in adding an OU field (even if the CSR didn't request it). So renewing the cert as it expires is leading to a different subject field, and therefore Publisher field in the AppXManifest.

While I believe that in the end the process outlined isn't one that I want to use (see the discussion https://github.com/microsoft/msix-packaging/issues/365), I would like to give it a try. To do so, we will need to be able to tweak the building of the package using makemsix by adding a new command line option. This is shown in Step 2 under Create the package heading in the referenced document.

Is it possible to tweak that command in the AIP project, or if not can this be added to the UI?
timmangan
Posts: 47
Joined: Fri Mar 30, 2018 1:17 pm

Re: Ability to add /pb option to makemsix command line.

There might not be a big hurry on this feature. The resultant package only works on Windows 11 machines. :cry:
Daniel
Posts: 8240
Joined: Mon Apr 02, 2012 1:11 pm
Contact: Website

Re: Ability to add /pb option to makemsix command line.

Hi Tim,

Sorry for the delayed reply on this.

I have added this improvement on our roadmap and hopefully it will be available in one of the next versions of Advanced Installer. Thank you for pointing this out to us.

When this will be released we will notify you on this forum's thread.

All the best,
Daniel
Daniel Radu - Advanced Installer Team
Follow us: Twitter - Facebook - YouTube

Return to “Feature Requests”