{{page>vorlagen:pruefen}}
====== App Entwicklung unter Windows 10 ======
{{tag>windows}}
Der Ausführliche MSDN Artikel ist [[https://msdn.microsoft.com/en-us/library/windows/desktop/hh446767(v=vs.85).aspx#create_package_using_dir|hier zu finden]].
===== Dateien vorbereiten =====
{{tag>windows}}
Alle benötigten Dateien werden in einen seperaten Ordner gelegt. Anschließend wird eine AppxManifest.xml Datei erzeugt:
MyApp
MyCompany
images\icon.png
6.2.1
6.2.1
===== App Bundle erzeugen =====
{{tag>windows}}
cd x:\Path\to\Win\Res\Kit\bin\x64
makeappx pack /d "x:\path\to\app" /p "x:\path\to\output.appx"
===== Entwicklerlizenz beantragen =====
{{tag>windows}}
Möglicherweise muss eine Entwicklerlizenz ((http://praxistipps.chip.de/windows-8-apps-ohne-windows-store-installieren_20489)) beantragt werden
Show-WindowsDeveloperLicenseRegistration
===== Entwicklerzertifikat erstellen =====
{{tag>windows}}
OpenSSL für Windows installieren und folgende Befehle eingeben: ((https://www.soft-ware.net/tipps/tipp67/Digitale-Signatur-erstellen-pfx-Datei.asp))
cd C:\OpenSSL-Win32\bin
set openssl_conf=C:\OpenSSL-Win32\bin\openssl.cfg
openssl req -x509 -nodes -days 730 -newkey rsa:1024 -keyout meinzertifikat.pem -out meinzertifikat.pem
openssl pkcs12 -export -out meinzertifikat.pfx -in meinzertifikat.pem -name "Windows Apps Test"
Das Passwort sollte eingegeben werden, da es sonst zu Fehlern kommen kann.
==== Zertifikat mit Kette ====
{{tag>windows}}
((http://stackoverflow.com/questions/84847/how-do-i-create-a-self-signed-certificate-for-code-signing-on-windows))
While you can create a self-signed code-signing certificate (SPC - Software Publisher Certificate) in one go, I prefer to do the following:
Creating a self-signed certificate authority (CA)
makecert -r -pe -n "CN=My CA" -ss CA -sr CurrentUser ^
-a sha256 -cy authority -sky signature -sv MyCA.pvk MyCA.cer
(^ = allow batch command-line to wrap line)
This creates a self-signed (-r) certificate, with an exportable private key (-pe). It's named "My CA", and should be put in the CA store for the current user. We're using the SHA-256 algorithm. The key is meant for signing (-sky).
The private key should be stored in the MyCA.pvk file, and the certificate in the MyCA.cer file.
Importing the CA certificate
Because there's no point in having a CA certificate if you don't trust it, you'll need to import it into the Windows certificate store. You can use the Certificates MMC snapin, but from the command line:
certutil -user -addstore Root MyCA.cer
Creating a code-signing certificate (SPC)
makecert -pe -n "CN=My SPC" -a sha256 -cy end ^
-sky signature ^
-ic MyCA.cer -iv MyCA.pvk ^
-sv MySPC.pvk MySPC.cer
It is pretty much the same as above, but we're providing an issuer key and certificate (the -ic and -iv switches).
We'll also want to convert the certificate and key into a PFX file:
pvk2pfx -pvk MySPC.pvk -spc MySPC.cer -pfx MySPC.pfx
If you want to protect the PFX file, add the -po switch, otherwise PVK2PFX creates a PFX file with no passphrase.
Using the certificate for signing code
signtool sign /v /f MySPC.pfx MyExecutable.exe
/t http://timestamp.url MyExecutable.exe
(See why timestamps may matter)
If you import the PFX file into the certificate store (you can use PVKIMPRT or the MMC snapin), you can sign code as follows:
signtool sign /v /n "Me" /s SPC /d http://www.me.me ^
/t http://timestamp.url MyExecutable.exe
Some possible timestamp URLs for signtool /t are:
http://timestamp.verisign.com/scripts/timstamp.dll
http://timestamp.globalsign.com/scripts/timstamp.dll
http://timestamp.comodoca.com/authenticode
===== Paket signieren =====
{{tag>windows}}
Das Paket muss mit dem Signtool signiert werden.
cd x:\Path\to\Win\Res\Kit\bin\x64
signtool sign /a /v /fd SHA256 /f x:\path\to\cert.pfx /p PASSWORD x:\path\to\app.appx
===== App Installieren =====
{{tag>windows}}
Add-AppxPackage x:\path\to\app.appx