Packaging an .exe file to MSIX and signing it - windows

I have developed an application and want to publish it to the Microsoft Store. I have tried using Advanced Installer, but unless I pay $500 I cannot publish it, I think, using the trial version? I have also tried using MSIX Package (Windows), but then I need to digitally sign it, and then I can't add logos etc. I also do not know how to get a certificate and convert it to .pfx format for this to work.
Honestly, this process has just made me want to stop, which is unfortunate. So I am trying to find a service or someone that I can pay to package my .exe app to an MSIX, signed and everything, so that I can just upload it to the store on my account, but I cannot find anything on Google.
Does anyone know of a service, or even a better application that has better guides for MSIX packaging and signing? Advanced Installer is pretty extensive, but their guides are based on MSI, not MSIX. Not worth paying $500 for when they are not even current with the Microsoft Store's required format.

FYI - to get a useful answer around here it helps if you place specific questions (i.e. split your question into multiple ones, like: Do I need to digitally sign an application for the MS Store?; how do I add logos...?)
Back to your problem. I work on the Advanced Installer and I will try to give you some advice to help clear a part of your problems.
First of all, to publish an application in the Microsoft Store you don't need a certificate. As explained in our guide, in your Store developer account you will find a package identity assigned to your application, here is an example:
The value that starts with CN=... must be copied and pasted into your Advanced Installer project, on the Package Information page, under the ID field. Make sure Digital Signing is disabled in your project. (You need to digitally sign the MSIX only when you deploy it outside the MS Store)
This identity will allow the MS team to certify you as the owner of the application. Once Microsoft approves your application submission, the MSIX package you upload will be signed with a Microsoft digital certificate. All MSIX packages uploaded in the store are signed by Microsoft.
I don't know how complex your application is, but most apps can be packaged with the free Advanced Installer Express edition. Have you tried that? The commercial editions include additional features, but you might not need them.

MSIX Hero is pretty great and is open source. Assuming your application is just a directory of files containing one or more EXEs, just click "pack directory to MSIX".
Then select the folder containing your application files and the EXEs you want to create shortcuts for in the start menu. It will pull a lot of the package metadata from the metadata in the EXEs.
If you are publishing to the Windows store you don't need to sign the package.
If you do want to sign it for distribution outside the store the options for that are pretty easy to use as well. The only issue is you will need a code signing certificate, which is ~$300 a year.
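For a package distributed outside the Store, the `Publisher` attribute in `AppxManifest.xml` has to match the subject of the signing certificate. The following check-then-sign script is an added example, not code from the answers above; it assumes the code signing certificate is already imported into `Cert:\CurrentUser\My`, that `signtool.exe` from the Windows SDK is on `PATH`, and the timestamp URL is a placeholder.

```powershell
# Added example: check Publisher against the certificate subject, then sign.
# $PackagePath, $Thumbprint and $TimestampUrl are placeholders (assumptions).
param(
    [Parameter(Mandatory)] [string] $PackagePath,
    [Parameter(Mandatory)] [string] $Thumbprint,
    [string] $TimestampUrl = 'http://timestamp.example.test'
)
Add-Type -AssemblyName System.IO.Compression.FileSystem

function Get-MsixPublisher([string] $Path) {
    # An .msix is a ZIP container with AppxManifest.xml at its root.
    $zip = [System.IO.Compression.ZipFile]::OpenRead((Resolve-Path $Path).Path)
    try {
        $entry = $zip.GetEntry('AppxManifest.xml')
        if (-not $entry) { throw "No AppxManifest.xml in $Path" }
        $reader = [System.IO.StreamReader]::new($entry.Open())
        try { $manifest = [xml] $reader.ReadToEnd() } finally { $reader.Dispose() }
    } finally { $zip.Dispose() }
    return $manifest.Package.Identity.Publisher
}

function ConvertTo-NormalizedDn([string] $Dn) {
    # Round-trip through X500DistinguishedName so spacing differences are ignored.
    [System.Security.Cryptography.X509Certificates.X500DistinguishedName]::new($Dn).Name
}

$cert = Get-Item "Cert:\CurrentUser\My\$Thumbprint" -ErrorAction Stop
$publisher = Get-MsixPublisher $PackagePath

if ((ConvertTo-NormalizedDn $publisher) -cne (ConvertTo-NormalizedDn $cert.Subject)) {
    throw "Manifest Publisher '$publisher' differs from certificate subject '$($cert.Subject)'"
}
if (-not $cert.HasPrivateKey) { throw 'Certificate has no private key in this store' }
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)" }
$eku = $cert.Extensions |
    Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
if ($eku -and $eku.EnhancedKeyUsages.Value -notcontains '1.3.6.1.5.5.7.3.3') {
    throw 'Certificate is not valid for code signing (EKU 1.3.6.1.5.5.7.3.3 missing)'
}

# Sign with SHA-256 and an RFC 3161 timestamp, then verify against the Authenticode policy.
& signtool.exe sign /fd SHA256 /sha1 $Thumbprint /tr $TimestampUrl /td SHA256 $PackagePath
if ($LASTEXITCODE -ne 0) { throw "signtool sign failed with exit code $LASTEXITCODE" }
& signtool.exe verify /pa $PackagePath
if ($LASTEXITCODE -ne 0) { throw "signtool verify failed with exit code $LASTEXITCODE" }
```

Selecting the certificate by thumbprint from the store keeps the PFX password off the command line.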

Related

WINUI3 Uno Platform Microsoft Store runFullTrust warning

I have been in the process of migrating one of my projects from a standard UWP project to an Uno Platform based project to allow me a wider variety of devices to publish to. After overcoming a number of hurdles I generate my msixbundle and submit this to the Microsoft Store. Because the original application was published with a .appxupload it needs to be some kind of bundle to accept it. When I submit the bundle I receive the following warning:
Package acceptance validation warning: The following restricted capabilities require approval before you can use them in your app: runFullTrust.
In my package manifest the only capability ticked is Internet (Client). Nothing else is ticked and the application doesn't need anything to work.
Any idea where this has come from or is set, and how I might go about changing this to the correct value? I have done quite a bit of googling and some places suggest ticking or unticking certain things on the package submission page (nothing I ticked or unticked seemed to help), or is this simply because it is Uno Platform?
Any suggestions would be greatly appreciated.
Edit
As a test I created a brand new Uno Platform application. I also created a new app in the Microsoft app store and linked the two. Left every single capability unticked (that's right, none were checked), produced an msix, submitted it to the store and I am receiving the exact same error. This leads me to think this is because it is an Uno Platform app.
In case it is useful, I'm using VS 2022 17.3.6.
This being a store submission question, you may want to check out UWP community server; plenty of people there with apps in the store, someone must have hit the same roadblock as you. https://uwpcommunity.com/

MSIX Installer and dependencies

I have a Windows App SDK based desktop application. I am using the single-project MSIX packaging in VS2022. What I need to figure out is how to get the installer to launch 3rd party installers (Nvidia Cuda for instance) as part of the application install. What should be pretty straight forward is lost in the weeds in the sparse documentation on MSIX. I also will eventually want to overlay multiple MSIX installs in one location. I am pretty sure I can't do this directly from Visual Studio but it seems possible using the MSIX Tool. Any pointers would be helpful.
While MSIX doesn't have install custom actions, for some things we can still customize some things at the user system.
Handling this externally from the package deployment is the recommended method. There may be other options, however.
With source code you can modify the app to detect if you need to do something and do it. If "it" needs elevation you need to add the allowelevationcapability in the manifest and there will be a UAC prompt for the user.
With or without source you can instead add the PsfLauncher of the Package Support Framework to run a script on launch of the app. PsfLauncher will take care of the detection on if run before for you. And the same elevation concerns apply.
As these methods run in the user context they really aren't any good if elevation is needed, hence not the recommended way.
Tim Mangan.
First of all, don't start using the MSIX Packaging Tool. As I said in previous SO threads, that tool is designed for IT pros, not for developers.
Second, as Tim concluded, I wouldn't recommend overcomplicating yourself to deliver those third-party installers via MSIX.
Instead of overcomplicating yourself with integrating the Package Support Framework into your MSIX package, I would think twice if it is worth deploying the application as MSIX. Last time I checked you could still get an identity for your app even if you deployed it with an MSI (I may be wrong here).
If you choose to keep the MSIX for your app, maybe a cleaner solution is to build an EXE wrapper (also called bootstrapper in the packaging world) over it to handle the third-party package installations, and when done with those it can launch your MSIX installation?
Unfortunately, so far Microsoft isn't making it easy for us to define a non-MSIX dependency.

Which Certificate do I need to buy for UWP?

So my situation:
I built a sideloaded UWP app with Visual Studio. Visual Studio can create a .pfx certificate that is temporary for 1 year. After that you have to recreate another certificate. The year for my certificate is almost over. Now I was thinking of buying such a certificate with more than 1 year of a lifetime.
Now my problem is that I absolutely don't understand what I actually have to look for. When searching for certificates I find all kinds of SSL certificates. Do I need SSL certificates for my case? Because it seems this is some web related certificate. Then there are EV, OV, DV, S/MIME email certificates and everything just does not seem right.
Code Signing OV is the closest I could find.
There are also a lot of other different Code Signing certificates. Some list details like: "Authenticode, Office VBA, Java, Adobe Air, Mac / OSX, Android"
Some others just list the detail "Multiplatform" on like 5 different offers that all look the same, and when you look into the description this information is probably important: "32- und 64-Bit-Files like .exe, .cab, .dll, .ocx, .msi, .xpi, .xap and Kernel-Software" + "SHA-1".
Then there are code signing offers like this: "Microsoft Authenticode (Multi-Purpose)" with "SHA-2"
And these are just a few examples. There are a lot of offers and I understand none of them. Just give me a working .pfx file.
Anyway
I was hoping that someone could help me understand on what I should be looking for if I want to have a certificate for my Sideloaded UWP app similar to the certificate that Visual Studio can create.
You need a code signing certificate, which can be bought from DigiCert for example. Please refer to their support page for more information about how it works.
If you need a public certificate, you'll find a special offer on this link.

How to apply digital signature to Visual Studio projects?

Executables and DLLs can be digitally signed. It suggests trust to the user.
However, my research upon this topic is slowly leading nowhere. I think I need a complete step-by-step idiot's guide on how to digitally sign binaries, directly upon compilation. What I mean is: Click on "Build" and retrieve a signed executable. I really don't want to manually sign everything myself.
Visual Studio has a "Signing" tab in project properties, so I guess I have to look there. It seems like I need a .pfx file for that. But where exactly do I get one that contains my name and how do I use it correctly?
Also, does this cost money? - Per binary / only once / not at all?
Example of a signed binary:
I have always signed my dlls and applications manually. To make your signature last even after the code signing certificate expires you need to add a timestamp to the signature.
To sign a dll/exe you need to buy the code signing certificate, but there are CAs (i.e. if you are an open source developer) where you can get it for free. One of them is Certum CA (which I am currently using). Take a look here. The process of obtaining it is a torture, but the certificate itself is OK. (It doesn't work with all browsers - use FF, single sign-on needs to be done on every page and mails are in Polish.)
A timestamp can be obtained for free (i.e. from the link in Hanselman's blog, or you can find a list of free RFC 3161 compliant timestamp authorities here).
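As an added example (not code from the answer above), the script below signs every .exe and .dll in a build output folder with an RFC 3161 timestamp and then confirms that each signature is valid and actually carries a timestamp. `$OutputDir`, `$Thumbprint` and the timestamp URL are placeholders, and the certificate is assumed to be installed in `Cert:\CurrentUser\My`.

```powershell
# Added example: sign build outputs with a timestamp and verify the result.
# $OutputDir, $Thumbprint and $TimestampUrl are placeholders (assumptions).
param(
    [Parameter(Mandatory)] [string] $OutputDir,
    [Parameter(Mandatory)] [string] $Thumbprint,
    [string] $TimestampUrl = 'http://timestamp.example.test'
)

# -CodeSigningCert limits the listing to certificates usable for code signing.
$cert = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert |
    Where-Object Thumbprint -eq $Thumbprint
if (-not $cert) { throw "No code signing certificate with thumbprint $Thumbprint" }

$failed = @()
foreach ($file in Get-ChildItem $OutputDir -Recurse -Include *.exe, *.dll) {
    $null = Set-AuthenticodeSignature -FilePath $file.FullName -Certificate $cert `
        -HashAlgorithm SHA256 -TimestampServer $TimestampUrl -IncludeChain NotRoot

    # Re-read the signature from disk rather than trusting the signing call.
    $sig = Get-AuthenticodeSignature -FilePath $file.FullName
    if ($sig.Status -ne 'Valid') {
        $failed += "$($file.Name): $($sig.Status) $($sig.StatusMessage)"
    } elseif (-not $sig.TimeStamperCertificate) {
        # Without a timestamp the signature stops validating when the certificate expires.
        $failed += "$($file.Name): signed but not timestamped"
    }
}

if ($failed) { throw "Signing problems:`n$($failed -join "`n")" }
```

Called from a project's post-build event, this produces signed binaries on every build and fails the build when a signature or its timestamp is missing.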

ClickOnce/Excel-VSTO under Windows 7

We have developed a .Net 4.0 VSTO Excel AddIn in VS2010 that we are deploying via ClickOnce. Our deployable seems fine on Windows XP but is extremely problematic when installed on Windows 7. The problems all seem to relate to when the AddIn needs to be removed via Excel (i.e. it has been soft deleted by Excel [e.g. due to failure, etc.] and it is then 'Remove'd by the user via the Excel | Options | AddIns | Manage | COM AddIns dialog).
The above leads to a situation where, if an AddIn is re-installed after the above has occurred, it is not exposed within Excel - i.e. the Excel AddIns tab (which would normally appear if there is one or more AddIns installed) vanishes forever. It becomes even more of a problem when we are developing/debugging, as we are renaming/removing AddIn instances on the fly - so much so that developing VSTO on Windows 7 is no longer feasible.
Note that the AddIn is not in the hard deleted (disabled) list - it has been removed. I have tried installing/re-installing/uninstalling, rebooting, removing registry items (cleaning up cache/after-uninstall), removing file system files from C:\Documents and Settings\\Local Settings\Apps\2.0, clearing cache (via mage and/or rundll32 as per Clear the .NET-downloaded application cache without Mage?). There seems to be a clear difference of behaviour between XP and Windows 7.
Has anyone had similar problems ?
The only alternative I can see is a deployment project with a fully blown MSI, however this is nowhere near as neat - requires local Admin access, etc.
Many thanks
Travis
Not sure if you have read about the tutorials about publishing Office solution using Clickonce. If you haven't, you can find them via the links below. Worth reading.
http://msdn.microsoft.com/en-us/library/vstudio/bb772100(v=vs.100).aspx
http://msdn.microsoft.com/en-us/library/vstudio/bb608591(v=vs.100).aspx
Regarding using windows installer, it's not extremely hard to do, especially with Visual Studio 2010 setup project. Here's a very detailed tutorial that can guide you through all these. It helped me a lot when I was trying to deploy the Excel add-in, and I hope it'd help you too in some way.
http://msdn.microsoft.com/en-us/library/ff937654.aspx
Also you might want to ask yourself these questions to determine whether or not using Clickonce/Windows installer is the right choice.
When it comes to your choice in deployment technologies, you don't need to limit yourself to just one option. The key is to choose the right tool for the right job. While there is no single rule or simple answer, there are some general guidelines you can use to help make the best decision for your specific needs.
Does the application install any COM components?
Does the application require registering any components for COM-Interop?
Does the application install any services?
Does the application have to install to a specific location or to the Global Assembly Cache (GAC)?
Does the application have any components that are conditionally installed, based on the operating system or runtime environment?
Does the application require user input at installation time?
Does the application require configuration of system-level services such as Active Directory or COM+?
After the application is installed, does it create files, write to the registry, or affect the system in some way that would leave resources behind when the application is removed?
If you answered yes to any of these questions, then Windows Installer is the best choice for your needs. However, if you don't need to address the scenarios described in the list above, then ClickOnce is an excellent candidate for your deployment solution. If you want to leverage the distinct benefits provided by ClickOnce, then understanding the capabilities of ClickOnce early in your application design process is critical. Deploying an early version of an application with ClickOnce, but then belatedly realizing a need to move to Windows Installer, would create a difficult upgrade path that can be avoided through careful up-front planning.
From my experience, on one of my production projects we have also used MSI, and problems with ClickOnce were avoided. So my answer - yes, you need to have an MSI project or MSI installations. And with MSI installations you can either use the default MSI project or an external one, e.g. Wix or Wise Installer or something else. The second way, with a custom installer, is much harder.
For situations with removing I've used mage and manually deleted the add-in from cache and registry. It helps, but looks like hacks.
Also, each time when dealing with unclear VSTO ClickOnce behaviour, I've thought to use some external libraries. Unfortunately I haven't had the opportunity to use something 3rd party to make my work easier due to project requirements. But you can check and try. Maybe Add-in-Express libraries will help you, especially when they have good technical support.
What we found was that the way to get ClickOnce working for VSTO on Windows 7 was to do this within Excel - i.e.
Add/Remove Programs : uninstall
Excel | Options | AddIns | COM | Go
Add | browse to the ClickOnce setup.exe | OK | etc
Close down Excel
Go into Excel
AddIn appears
I'm sure you can play with the Add/Remove Programs uninstall (versioning) so the user doesn't necessarily have to manually uninstall.
ClickOnce is great when it works - it's a journey to get there though, and needs to be tightened up big style.
