Package a desktop application using the Desktop App Converter

Note

The Desktop App Converter tool is deprecated. We recommend that you use the MSIX Packaging Tool instead.

DAC Icon

The Desktop App Converter (DAC) creates packages for desktop applications to integrate with the latest Windows features, including distribution and servicing via the Microsoft Store. This includes Win32 apps and apps that you've created by using .NET 4.6.1.

Get the Desktop App Converter

While the term "Converter" appears in the name of this tool, it doesn't actually convert your app. Your application remains unchanged. However, this tool generates a Windows app package with a package identity and the ability to call a vast range of WinRT APIs.

You can install that package by using the Add-AppxPackage PowerShell cmdlet on your development machine.

The converter runs the desktop installer in an isolated Windows environment by using a clean base image provided as part of the converter download. It captures any registry and file system I/O made by the desktop installer and packages it as part of the output.

Important

Desktop App Converter is supported on Windows 10, version 1607, and later. It can only be used in projects that target Windows 10 Anniversary Update (10.0; Build 14393) or a later release in Visual Studio.

The DAC does more than just generate a package for you

Here's a few extra things it can do for you.

Windows 10 Creators Update

✔️ Automatically register your preview handlers, thumbnail handlers, property handlers, firewall rules, URL flags.

✔️ Automatically register file type mappings that enable users to group files by using the Kind column in File Explorer.

✔️ Register your public COM servers.

Windows 10 Anniversary Update or later

✔️ Automatically sign your package so that you can test your app.

✔️ Validate your application against packaged app and Microsoft Store requirements.

To find a complete list of options, see the Parameters section of this guide.

If you're ready to create your package, let's start.

First, prepare your application

Review this guide before you begin creating a package for your application: Prepare to package a desktop application.

Make sure that your system can run the converter

Make sure that your system meets the following requirements:

Start the Desktop App Converter

  1. Download and install the Desktop App Converter.

  2. Run the Desktop App Converter as an administrator.

    run DAC as administrator

    A console window appears. You'll use that console window to run commands.

Set a few things up (apps with installers only)

You can skip ahead to the next section if your application doesn't have an installer.

  1. Identify the version number of your operating system.

    To do that, type winver in the Run dialog box, and then choose the OK button.

    winver

    You'll find the version of your Windows build in the About Windows dialog box.

    Windows 10 version

  2. Download the appropriate Desktop app Converter base image.

    Make sure that the version number that appears in the name of the file matches the version number of your Windows build.

    Important

    If you're using build number 15063, and the minor version of that build is equal to or greater than .483 (For example: 15063.540), make sure to download the BaseImage-15063-UPDATE.wim file. If the minor version of that build is less than .483, download the BaseImage-15063.wim file. If you've already setup an incompatible version of this base file, you can fix it. This blog post explains how to do that.

  3. Place the downloaded file anywhere on your computer where you'll be able to find it later.

  4. In the console window that appeared when you started the Desktop App Converter, run this command: Set-ExecutionPolicy bypass.

  5. Set up the converter by running this command: DesktopAppConverter.exe -Setup -BaseImage .\BaseImage-1XXXX.wim -Verbose.

  6. Restart your computer if you're prompted to do so.

    Status messages appear in the console window as the converter expands the base image. If you don't see any status messages, press any key. This can cause the contents of the console window to refresh.

    status messages in the console window

    When the base image is fully expanded, move to the next section.

Package an app

To Package your app, run the DesktopAppConverter.exe command in the console window that opened when you started the Desktop App Converter.

You'll specify the package name, publisher and version number of the application by using parameters.

Note

If you've reserved your app name in the Microsoft Store, you can obtain the package and publisher names by using Partner Center. If you plan to sideload your app onto other systems, you can provide your own names for these as long as the publisher name that you choose matches the name on the certificate you use to sign your app.

A quick look at command parameters

Here are the required parameters.

DesktopAppConverter.exe
-Installer <String>
-Destination <String>
-PackageName <String>
-Publisher <String>
-Version <Version>

You can read about each one here.

Examples

Here's a few common ways to package your app.

Package an application that has an installer (.msi) file

Point to the installer file by using the Installer parameter.

DesktopAppConverter.exe -Installer C:\Installer\MyAppSetup.msi -Destination C:\Output\MyApp -PackageName "MyApp" -Publisher "CN=MyPublisher" -Version 0.0.0.1

Important

There are two important things to keep in mind here. First, make sure that your installer is located in an independent folder and that only files related to that installer are in the same folder. The converter copies all of the contents of that folder to the isolated Windows environment.
Secondly, if Partner Center assigns an identity to your package that begins with a number, make sure that you also pass in the -AppId parameter, and use only the string suffix (after the period separator) as the value of that parameter.

If your installer includes installers for dependent libraries or frameworks, you might have to organize things a bit a differently. See Chaining multiple installers with the Desktop Bridge.

Package an application that has a setup executable file

Point to the setup executable by using the Installer parameter.

DesktopAppConverter.exe -Installer C:\Installer\MyAppSetup.exe -InstallerArguments "/S" -Destination C:\Output\MyApp -PackageName "MyApp" -Publisher "CN=MyPublisher" -Version 0.0.0.1

Important

If Partner Center assigns an identity to your package that begins with a number, make sure that you also pass in the -AppId parameter, and use only the string suffix (after the period separator) as the value of that parameter.

The InstallerArguments parameter is an optional parameter. However, because the Desktop App Converter needs your installer to run in unattended mode, you might have to use it if your application needs silent flags to run silently. The /S flag is a very common silent flag, but the flag that you use might be different depending on which installer technology you used to create the setup file.

Package an application that doesn't have an installer

In this example, use the Installer parameter to point to the root folder of your application files.

Use the AppExecutable parameter to point to your apps executable file.

DesktopAppConverter.exe -Installer C:\Installer\MyApp\ -AppExecutable MyApp.exe -Destination C:\Output\MyApp -PackageName "MyApp" -Publisher "CN=MyPublisher" -Version 0.0.0.1

Important

If Partner Center assigns an identity to your package that begins with a number, make sure that you also pass in the -AppId parameter, and use only the string suffix (after the period separator) as the value of that parameter.

Package an app, sign the app, and run validation checks on the package

This example is similar to first one except it shows how you can sign your application for local testing, and then validate your application against packaged app and Microsoft Store requirements.

DesktopAppConverter.exe -Installer C:\Installer\MyAppSetup.exe -InstallerArguments "/S" -Destination C:\Output\MyApp -PackageName "MyApp" -Publisher "CN=MyPublisher" -Version 0.0.0.1 -MakeAppx -Sign -Verbose -Verify

Important

If Partner Center assigns an identity to your package that begins with a number, make sure that you also pass in the -AppId parameter, and use only the string suffix (after the period separator) as the value of that parameter.

The Sign parameter generates a certificate and then signs your application with it. To run your app, you'll have to install that generated certificate. To learn how, see the Run the packaged app section of this guide.

You can validate you application by using the Verify parameter.

A quick look at optional parameters

The Sign and Verify parameters are optional. There are many more optional parameters. Here are some of the more commonly used optional parameters.

[-ExpandedBaseImage <String>]
[-AppExecutable <String>]
[-AppFileTypes <String>]
[-AppId <String>]
[-AppDisplayName <String>]
[-AppDescription <String>]
[-PackageDisplayName <String>]
[-PackagePublisherDisplayName <String>]
[-MakeAppx]
[-LogFile <String>]
[<CommonParameters>]

You can read about all of them in the next section.

Parameter Reference

Here's the complete list of parameters (organized by category) that you can use when you run the Desktop App Converter.

You can also view the entire list by running the Get-Help command in the app console window.

Setup parameters
-Setup [<SwitchParameter>] Required Runs DesktopAppConverter in setup mode. Setup mode supports expanding a provided base image.
-BaseImage <String> Required Full path to an unexpanded base image. This parameter is required if -Setup is specified.
-LogFile <String> Optional Specifies a log file. If omitted, a log file temporary location will be created.
-NatSubnetPrefix <String> Optional Prefix value to be used for the Nat instance. Typically, you would want to change this only if your host machine is attached to the same subnet range as the converter's NetNat. You can query the current converter NetNat config by using the Get-NetNat cmdlet.
-NoRestart [<SwitchParameter>] Required Don't prompt for reboot when running setup (reboot is required to enable the container feature).
Conversion parameters
-AppInstallPath <String> Optional The full path to your application's root folder for the installed files if it were installed (e.g., "C:\Program Files (x86)\MyApp").
-Destination <String> Required The desired destination for the converter's appx output - DesktopAppConverter can create this location if it doesn't already exist.
-Installer <String> Required The path to the installer for your application - must be able to run unattended/silently. No-installer conversion, this is the path to the root directory of your application files.
-InstallerArguments <String> Optional A comma-separated list or string of arguments to force your installer to run unattended/silently. This parameter is optional if your installer is an msi. To get a log from your installer, supply the logging argument for the installer here and use the path <log_folder>, which is a token that the converter replaces with the appropriate path.

NOTE: The unattended/silent flags and log arguments will vary between installer technologies.

An example usage for this parameter: -InstallerArguments "/silent /log <log_folder>\install.log" Another example that doesn't produce a log file may look like: -InstallerArguments "/quiet", "/norestart" Again, you must literally direct any logs to the token path <log_folder> if you want the converter to capture it and put it in the final log folder.
-InstallerValidExitCodes <Int32> Optional A comma-separated list of exit codes that indicate your installer ran successfully (for example: 0, 1234, 5678). By default this is 0 for non-msi, and 0, 1641, 3010 for msi.
-MakeAppx [<SwitchParameter>] Optional A switch that, when present, tells this script to call MakeAppx on the output.
-MakeMSIX [<SwitchParameter>] Optional A switch that, when present, tells this script to package the output as an MSIX Package.
Package identity parameters
-PackageName <String> Required The name of your Universal Windows App package. If Partner Center assigns an identity to your package that begins with a number, make sure that you also pass in the -AppId parameter, and use only the string suffix (after the period separator) as the value of that parameter.
-Publisher <String> Required The publisher of your Universal Windows App package
-Version <Version> Required The version number for your Universal Windows App package
Package manifest parameters
-AppExecutable <String> Optional The name of your application's main executable (eg "MyApp.exe"). This parameter is required for a no-installer conversion.
-AppFileTypes <String> Optional A comma-separated list of file types which the application will be associated with. Example usage: -AppFileTypes "'.md', '.markdown'".
-AppId <String> Optional Specifies a value to set Application Id to in the Windows app package manifest. If it is not specified, it will be set to the value passed in for PackageName. In many cases, using the PackageName is fine. However, if Partner Center assigns an identity to your package that begins with a number, make sure that you also pass in the -AppId parameter, and use only the string suffix (after the period separator) as the value of that parameter.
-AppDisplayName <String> Optional Specifies a value to set Application Display Name to in the Windows app package manifest. If it is not specified, it will be set to the value passed in for PackageName.
-AppDescription <String> Optional Specifies a value to set Application Description to in the Windows app package manifest. If it is not specified, it will be set to the value passed in for PackageName.
-PackageDisplayName <String> Optional Specifies a value to set Package Display Name to in the Windows app package manifest. If it is not specified, it will be set to the value passed in for PackageName.
-PackagePublisherDisplayName <String> Optional Specifies a value to set Package Publisher Display Name to in the Windows app package manifest. If it is not specified, it will be set to the value passed in for Publisher.
Cleanup parameters
-Cleanup [<Option>] Required Runs cleanup for the DesktopAppConverter artifacts. There are 3 valid options for the Cleanup mode.
-Cleanup All Deletes all expanded base images, removes any temporary converter files, removes the container network, and disables the optional Windows feature, Containers.
-Cleanup WorkDirectory Required Removes all the temporary converter files.
-Cleanup ExpandedImage Required Deletes all the expanded base images installed on your host machine.
Package architecture parameters
-PackageArch <String> Required Generates a package with the specified architecture. Valid options are 'x86' or 'x64'; for example, -PackageArch x86. This parameter is optional. If unspecified, the DesktopAppConverter will try to auto-detect package architecture. If auto-detection fails, it will default to x64 package.
Miscellaneous parameters
-ExpandedBaseImage <String> Optional Full path to an already expanded base image.
-LogFile <String> Optional Specifies a log file. If omitted, a log file temporary location will be created.
-Sign [<SwitchParameter>] Optional Tells this script to sign the output Windows app package by using a generated certificate for testing purposes. This switch should be present alongside the switch -MakeAppx.
<Common parameters> Required This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more info, see about_CommonParameters.
-Verify [<SwitchParameter>] Optional A switch that, when present, tells the DAC to validate the app package against packaged app and Microsoft Store requirements. The result is a validation report "VerifyReport.xml", which is best visualized in a browser. This switch should be present alongside the switch -MakeAppx.
-PublishComRegistrations Optional Scans all public COM registrations made by your installer and publishes the valid ones in your manifest. Use this flag only if you want to make these registrations available to other applications. You don't need to use this flag if these registrations will be used only by your application.

Review this article to make sure that your COM registrations behave as you expect after you package your app.

Run the packaged app

There's two ways to run your app.

One way is to open a PowerShell command prompt, and then type this command: Add-AppxPackage –Register AppxManifest.xml. It's probably the easiest way to run your application because you don't have to sign it.

Another way is to sign your application with a certificate. If you use the sign parameter, the Desktop App Converter will generate one for you, and then sign your application with it. That file is named auto-generated.cer, and you can find it in the root folder of your packaged app.

Follow these steps to install the generated certificate, and then run your app.

  1. Double-click the auto-generated.cer file to install the certificate.

    generated certificate file

    Note

    If you're prompted for a password, use the default password "123456".

  2. In the Certificate dialog box, choose the Install Certificate button.

  3. In the Certificate Import Wizard, install the certificate onto the Local Machine, and place the certificate into the Trusted People certificate store.

    Trusted People Store

  4. In root folder of your packaged app, double click the Windows app package file.

    Windows app package file

  5. Install the app, by choosing the Install button.

    Install button

Modify the packaged app

You'll likely make changes to your packaged application to address bugs, add visual assets, or enhance your application with modern experiences such as live tiles.

After you make your changes, you don't need to run the converter again. In most cases, you can just repackage your application by using the MakeAppx tool and the appxmanifest.xml file the DAC generates for your app. See Generate a Windows app package.

Note

If you make changes to registry settings that your installer makes, you will have to run the Desktop App Converter again to pick up those changes.

The following two sections describe a couple of optional fix-ups to the packaged application that you might consider.

Delete unnecessary files and registry keys

The desktop App Converter takes a very conservative approach to filtering out files and system noise in the container.

If you want, you can review the VFS folder and delete any files that your installer doesn't need. You can also review the contents of Reg.dat and delete any keys that are not installed/needed by the app.

Fix corrupted PE headers

During the conversion process, the DesktopAppConverter automatically runs the PEHeaderCertFixTool to fixup any corrupted PE headers. However, you can also run the PEHeaderCertFixTool on a UWP Windows app package, loose files, or a specific binary. Here's an example.

PEHeaderCertFixTool.exe <binary file>|<.appx package>|<folder> [/c] [/v]
 /c   -- check for corrupted certificate but do not fix (optional)
 /v   -- verbose (optional)
example1: PEHeaderCertFixTool app.exe
example2: PEHeaderCertFixTool c:\package.appx /c
example3: PEHeaderCertFixTool c:\myapp /c /v

Telemetry from Desktop App Converter

Desktop App Converter may collect information about you and your use of the software and send this info to Microsoft. You can learn more about Microsoft's data collection and use in the product documentation and in the Microsoft Privacy Statement. You agree to comply with all applicable provisions of the Microsoft Privacy Statement.

By default, telemetry will be enabled for the Desktop App Converter. Add the following registry key to configure telemetry to a desired setting:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DesktopAppConverter
  • Add or edit the DisableTelemetry value by using a DWORD set to 1.
  • To enable telemetry, remove the key or set the value to 0.

Language support

The Desktop App Converter does not support Unicode; thus, no Chinese characters or non-ASCII characters can be used with the tool.

Known issues with the Desktop App Converter

E_CREATING_ISOLATED_ENV_FAILED an E_STARTING_ISOLATED_ENV_FAILED errors

If you receive either of these errors, make sure that you're using a valid base image from the download center. If you’re using a valid base image, try using -Cleanup All in your command. If that does not work, please send us your logs at converter@microsoft.com to help us investigate.

New-ContainerNetwork: The object already exists error

You might receive this error when you setup a new base image. This can happen if you have a Windows Insider flight on a developer machine that previously had the Desktop App Converter installed.

To resolve this issue, try running the command Netsh int ipv4 reset from an elevated command prompt, and then reboot your machine.

Your .NET application is compiled with the "AnyCPU" build option and fails to install

This can happen if the main executable or any of the dependencies were placed anywhere in the Program Files or Windows\System32 folder hierarchy.

To resolve this issue, try using your architecture-specific desktop installer (32 bit or 64 bit) to generate a Windows app package.

Publishing public side-by-side Fusion assemblies won't work

During install, an application can publish public side-by-side Fusion assemblies, accessible to any other process. During process activation context creation, these assemblies are retrieved by a system process named CSRSS.exe. When this is done for a converted process, activation context creation and module loading of these assemblies will fail. The side-by-side Fusion assemblies are registered in the following locations:

  • Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners
  • File System: %windir%\SideBySide

This is a known limitation and no workaround currently exists. That said, Inbox assemblies, like ComCtl, are shipped with the OS, so taking a dependency on them is safe.

Error found in XML. The 'Executable' attribute is invalid - The value 'MyApp.EXE' is invalid according to its datatype

This can happen if the executables in your application have a capitalized .EXE extension. Although, the casing of this extension shouldn't affect whether your application runs, this can cause the DAC to generate this error.

To resolve this issue, try specifying the -AppExecutable flag when you package, and use the lower case ".exe" as the extension of your main executable (For example: MYAPP.exe). Alternately you can change the casing for all executables in your application from lowercase to uppercase (For example: from .EXE to .exe).

Corrupted or malformed Authenticode signatures

This section contains details on how to identify issues with Portable Executable (PE) files in your Windows app package that may contain corrupted or malformed Authenticode signatures. Invalid Authenticode signatures on your PE files, which may be in any binary format (e.g. .exe, .dll, .chm, etc.), will prevent your package from being signed properly, and thus prevent it from being deployable from an Windows app package.

The location of the Authenticode signature of a PE file is specified by the Certificate Table entry in the Optional Header Data Directories and the associated Attribute Certificate Table. During signature verification, the information specified in these structures is used to locate the signature on a PE file. If these values get corrupted then it is possible for a file to appear to be invalidly signed.

For the Authenticode signature to be correct, the following must be true of the Authenticode signature:

  • The start of the WIN_CERTIFICATE entry in the PE file cannot extend past the end of the executable
  • The WIN_CERTIFCATE entry should be located at the end of the image
  • The size of the WIN_CERTIFICATE entry must be positive
  • The WIN_CERTIFICATEentry must start after the IMAGE_NT_HEADERS32 structure for 32-bit executables and IMAGE_NT_HEADERS64 structure for 64-bit executables

For more details, please refer to the Authenticode Portal Executable specification and the PE file format specification.

Note that SignTool.exe can output a list of the corrupted or malformed binaries when attempting to sign an Windows app package. To do this, enable verbose logging by setting the environment variable APPXSIP_LOG to 1 (e.g., set APPXSIP_LOG=1 ) and re-run SignTool.exe.

To fix these malformed binaries, ensure they conform to the requirements above.

Next steps

Find answers to your questions

Have questions? Ask us on Stack Overflow. Our team monitors these tags. You can also ask us here.

Give feedback or make feature suggestions

See UserVoice.

Run your application / find and fix issues

See Run, debug, and test a packaged desktop application

Distribute your app

See Distribute a packaged desktop application