Inhaltsverzeichnis
App Entwicklung unter Windows 10
Der Ausführliche MSDN Artikel ist hier zu finden.
Dateien vorbereiten
Alle benötigten Dateien werden in einen seperaten Ordner gelegt. Anschließend wird eine AppxManifest.xml Datei erzeugt:
<?xml version="1.0" encoding="utf-8"?> <Package xmlns="http://schemas.microsoft.com/appx/2010/manifest"> <Identity Name="MyCompany.MySuite.MyApp" Version="1.0.0.0" Publisher="CN=MyCompany, O=MyCompany, L=MyCity, S=MyState, C=MyCountry"> <Properties> <DisplayName>MyApp</DisplayName> <PublisherDisplayName>MyCompany</PublisherDisplayName> <Logo>images\icon.png</Logo> </Properties> <Prerequisites> <OSMinVersion>6.2.1</OSMinVersion> <OSMaxVersionTested>6.2.1</OSMaxVersionTested> </Prerequisites> <Resources> <Resource Language="de-de" /> </Resources> <Applications> <Application Id="MyApp" StartPage="default.html"> <VisualElements DisplayName="My App" Description="A useful description." Logo="images\icon.png" SmallLogo="images\small_icon.png" ForegroundText="dark" BackgroundColor="#FFFFFF" > <SplashScreen Image="images\splash.png" /> </VisualElements> </Application> </Applications> </Package>
App Bundle erzeugen
cd x:\Path\to\Win\Res\Kit\bin\x64 makeappx pack /d "x:\path\to\app" /p "x:\path\to\output.appx"
Entwicklerlizenz beantragen
Möglicherweise muss eine Entwicklerlizenz 1) beantragt werden
Show-WindowsDeveloperLicenseRegistration
Entwicklerzertifikat erstellen
OpenSSL für Windows installieren und folgende Befehle eingeben: 2)
cd C:\OpenSSL-Win32\bin set openssl_conf=C:\OpenSSL-Win32\bin\openssl.cfg openssl req -x509 -nodes -days 730 -newkey rsa:1024 -keyout meinzertifikat.pem -out meinzertifikat.pem openssl pkcs12 -export -out meinzertifikat.pfx -in meinzertifikat.pem -name "Windows Apps Test"
Das Passwort sollte eingegeben werden, da es sonst zu Fehlern kommen kann.
Zertifikat mit Kette
While you can create a self-signed code-signing certificate (SPC - Software Publisher Certificate) in one go, I prefer to do the following: Creating a self-signed certificate authority (CA)
makecert -r -pe -n "CN=My CA" -ss CA -sr CurrentUser ^ -a sha256 -cy authority -sky signature -sv MyCA.pvk MyCA.cer
(^ = allow batch command-line to wrap line)
This creates a self-signed (-r) certificate, with an exportable private key (-pe). It's named „My CA“, and should be put in the CA store for the current user. We're using the SHA-256 algorithm. The key is meant for signing (-sky).
The private key should be stored in the MyCA.pvk file, and the certificate in the MyCA.cer file. Importing the CA certificate
Because there's no point in having a CA certificate if you don't trust it, you'll need to import it into the Windows certificate store. You can use the Certificates MMC snapin, but from the command line:
certutil -user -addstore Root MyCA.cer
Creating a code-signing certificate (SPC)
makecert -pe -n "CN=My SPC" -a sha256 -cy end ^ -sky signature ^ -ic MyCA.cer -iv MyCA.pvk ^ -sv MySPC.pvk MySPC.cer
It is pretty much the same as above, but we're providing an issuer key and certificate (the -ic and -iv switches).
We'll also want to convert the certificate and key into a PFX file:
pvk2pfx -pvk MySPC.pvk -spc MySPC.cer -pfx MySPC.pfx
If you want to protect the PFX file, add the -po switch, otherwise PVK2PFX creates a PFX file with no passphrase. Using the certificate for signing code
signtool sign /v /f MySPC.pfx MyExecutable.exe /t http://timestamp.url MyExecutable.exe
(See why timestamps may matter)
If you import the PFX file into the certificate store (you can use PVKIMPRT or the MMC snapin), you can sign code as follows:
signtool sign /v /n "Me" /s SPC /d http://www.me.me ^ /t http://timestamp.url MyExecutable.exe
Some possible timestamp URLs for signtool /t are:
http://timestamp.verisign.com/scripts/timstamp.dll http://timestamp.globalsign.com/scripts/timstamp.dll http://timestamp.comodoca.com/authenticode
Paket signieren
Das Paket muss mit dem Signtool signiert werden.
cd x:\Path\to\Win\Res\Kit\bin\x64 signtool sign /a /v /fd SHA256 /f x:\path\to\cert.pfx /p PASSWORD x:\path\to\app.appx
App Installieren
Add-AppxPackage x:\path\to\app.appx