question

SensusMobileSoftware-1210 avatar image
0 Votes"
SensusMobileSoftware-1210 asked RoyLi-MSFT commented

Can't use trusted certificate for side loading and for the store

I have a UWP application which we want to publish through side loading and the Windows store. We purchased a trusted code signing certificate. The subject of the certificate does not match the Package/Identity/Publisher assigned to us for our store app. When I set the appxmanifest Package/Identity/Publisher to match the certificate's subject the store rejects the application, but side loading. If I set the Package/Identity/Publisher to what the store assigned to us, add EnableSigningChecks=false to the .csproj file, and upload; the store still rejects the application with "Invalid package publisher name". It seems to use the subject from the certificate instead of what is in the .appxmanifest file.

I want the app's package name to be the same between the side loaded and store application so that a user could side load the application, but then later upgrade from the store. Currently the side loaded and store app would install side by side since Windows would consider them as different applications.

How can I use the trusted certificate with the different subject from Package/Identity/Publisher to create a side load and store app which resolve to the same package name so that they are considered the same application? Can Microsoft modify my app's Package/Identity/Publisher to match my certificate?

windows-uwp
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

RoyLi-MSFT avatar image
0 Votes"
RoyLi-MSFT answered RoyLi-MSFT commented

Hello,

Welcome to Microsoft Q&A!

How can I use the trusted certificate with the different subject from Package/Identity/Publisher to create a side load and store app which resolve to the same package name so that they are considered the same application?

No, this is not possible.

There is something that needs to be clarified. UWP apps need to be signed with a certificate so that they could be sideloaded or uploaded to the store. If you want to upload your app to the store, the store will sign the app with the certificate that matches the developer account you used. That's why the store rejects your app because you are using a different signing certificate.

Also, if your app is uploaded to the store with your developer account, and you sideloaded your app with another certificate, both of the apps will exist in the system because the system will consider them as two different apps.

Another thing is that may I know why you purchased a certificate instead of using your own certificate?

Thank you.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

We purchased a certificate so that our app is automatically trusted and the user does not need to install the certificate. From my understanding customers would need to install the certificate on their PC if we generate the certificate ourselves. Is that not correct?

How can I get a trusted certificate that can be used for both side loading and uploading to the store? I don't want the user to need to install the certificate manually.

0 Votes 0 ·
RoyLi-MSFT avatar image RoyLi-MSFT SensusMobileSoftware-1210 ·

From my understanding customers would need to install the certificate on their PC if we generate the certificate ourselves. Is that not correct?

Yes, it is.

How can I get a trusted certificate that can be used for both side loading and uploading to the store?

No, this is not possible. The store will sign your app automatically when you upload your app to the store and the store will maintain the certificate. It means that the store is using a different certificate.

0 Votes 0 ·