This dialog allows you to digitally sign the AppX package.
App Store publisher identity
Use this option if you want upload your AppX to the Windows Store and define the publisher ID. It must match the publisher subject information of the certificate used to sign a package. For more details follow this Microsoft article.
Sign the AppX package for manual deployment to a device outside the Windows Store. You maintain the signing, hosting, and deployment of such an app.
This is also required when you want to test the package on your local development machine.
Create a Developer Certificate
In this section you can create a digital certificate to use temporary during development.
When using this option, the following operations get performed on your machine:
- a test certificate is generated
- the certificate gets imported in the system store in the "Personal" section and on the local machine in the "Trusted Root Certification Authorities" section
Software Publisher Certificate
Use from Personal certificate store
Choose one of the currently installed certificates. To view or manage certificates inside the system store, you can use certmgr.msc tool.
Use file from disk
When this option is selected the certificate used to sign the files is loaded from a local disk file. Every time you select this option, you will be prompted to select the path to the certificate from the hard-drive.
Be sure to import the same certificate in the system store on the local machine in the "Trusted Root Certification Authorities" section.
Certificate - This field contains the path on disk to the certificate. You can use thebutton in this field to select one from your hard-drive.
PFX certificates are recommended, you can use either pvkimprt or pvk2pfx to create a PFX certificate from the SPC and PVK files. If the PFX file is protected with a password, the "Selected certificate requires password. Select how to transmit it to signing tool:" section will be visible.
- pvkimprt can be downloaded
- pvk2pfx is available as part of the Platform SDK
Private Key - In this field you can set the “Private Key”. You can use thebutton to select one from your hard-drive. PFX certificates do not have a separate private key file, thus this field is hidden by default.
Enter password at each build - You will be prompted to enter the password when the AppX is built.
The DBSC caches the password for PFX files and hence you will be prompted for the password only once.
Save password for this session - The encrypted password will be used only for this session at build time to sign the installation files.
Password - The password for the PFX certificate.
Confirm password - Confirm the PFX certificate password.
Timestamp service URL
A digital certificate has a validity period. After that period expires the signed code is not considered certified anymore. To prevent that, a timestamp can be placed at the signing time which will show that the certificate was valid when the signing was done.
The “Timestamp service URL” specifies the
URL of the timestamp server. Some examples of such servers are: