打包的桌面应用的已知问题Known Issues with packaged desktop apps

本文包含在为桌面应用创建 MSIX 包时可能出现的已知问题。This article contains known issues that can occur when you create an MSIX package for your desktop app.

你收到错误:MSB4018“GenerateResource”任务意外失败You receive the error MSB4018 The "GenerateResource" task failed unexpectedly

在尝试将附属程序集转换为包资源索引 (PRI) 文件时,可能会发生这种情况。This can happen when trying to convert satellite assemblies to Package Resource Index (PRI) files.

我们已注意到此问题,正在努力提供长期解决方案。We are aware of this issue and are working on a more long term solution. 作为临时解决方法,你可以通过将此行 XML 添加到托管项目文件的第一个 PropertyGroup 元素中来禁用资源生成器:As a temporary workaround, you can disable the resource generator by adding this line of XML to the first PropertyGroup element in hosting project file:

<AppxGeneratePrisForPortableLibrariesEnabled>false</AppxGeneratePrisForPortableLibrariesEnabled>

带有错误代码 0x139 (KERNEL_SECURITY_CHECK_FAILURE) 的蓝屏Blue screen with error code 0x139 (KERNEL_SECURITY_CHECK_FAILURE)

在从 Microsoft Store 安装或启动某些应用后,计算机可能会由于以下错误而意外重新启动:0x139 (KERNEL_SECURITY_CHECK_ FAILURE)After installing or launching certain apps from the Microsoft Store, your machine may unexpectedly reboot with the error: 0x139 (KERNEL_SECURITY_CHECK_ FAILURE).

已知受影响的应用包括 Kodi、JT2Go、Ear Trumpet、Teslagrad 和其他应用。Known affected apps include Kodi, JT2Go, Ear Trumpet, Teslagrad, and others.

Windows 更新(版本 14393.351 - KB3197954)于 2016 年 10 月 27 日发布,该更新包含解决此问题的重要修补程序。A Windows update (Version 14393.351 - KB3197954) was released on 10/27/16 that includes important fixes that address this issue. 如果你遇到此问题,请更新计算机。If you encounter this problem, update your machine. 如果由于计算机在你可以登录前便重新启动,从而无法更新电脑,应使用系统还原将系统恢复到早于你安装受影响应用之一时的时间点。If you are not able to update your PC because your machine restarts before you can log in, you should use system restore to recover your system to a point earlier than when you installed one of the affected apps. 有关如何使用系统还原的信息,请参阅 Windows 10 中的恢复选项For information on how to use system restore, see Recovery options in Windows 10.

如果更新未解决问题或者你不确定如何恢复电脑,请联系 Microsoft 支持If updating does not fix the problem or you aren't sure how to recover your PC, please contact Microsoft Support.

如果是开发人员,可能需要阻止在不包含此更新的 Windows 版本上安装打包的应用程序。If you are a developer, you may want to prevent the installation of your packaged application on versions of Windows that do not include this update. 请注意,如果这样做,应用程序将对尚未安装该更新的用户不可用。Note that by doing this your application will not be available to users that have not yet installed the update. 若要限制应用程序对已安装此更新的用户的可用性,请修改 AppxManifest.xml 文件,如下所示:To limit the availability of your application to users that have installed this update, modify your AppxManifest.xml file as follows:

<TargetDeviceFamily Name="Windows.Desktop" MinVersion="10.0.14393.351" MaxVersionTested="10.0.14393.351"/>

可在以下位置找到关于 Windows 更新的详细信息:Details regarding the Windows Update can be found at:

对应用进行签名时可能会出现的常见错误Common errors that can appear when you sign your app

发布服务器和证书不匹配导致 Signtool 错误“错误:SignerSign() 失败”(-2147024885/0x8007000b)Publisher and cert mismatch causes Signtool error "Error: SignerSign() Failed" (-2147024885/0x8007000b)

Windows 应用包清单中的发布者条目必须与要用于签名的证书的使用者匹配。The Publisher entry in the Windows app package manifest must match the Subject of the certificate you are signing with. 可使用以下任一方法查看证书的使用者。You can use any of the following methods to view the subject of the cert.

选项 1:PowershellOption 1: Powershell

运行以下 PowerShell 命令。Run the following PowerShell command. 可以将 .cer 或 .pfx 用作证书文件,因为它们具有相同的发布者信息。Either .cer or .pfx can be used as the certificate file, as they have the same publisher information.

(Get-PfxCertificate <cert_file>).Subject

选项 2:文件资源管理器Option 2: File Explorer

在文件资源管理器中双击证书,选择“详细信息” 选项卡,然后在列表中选择 Subject 字段。Double-click the certificate in File Explorer, select the Details tab, and then the Subject field in the list. 接着,就可以复制内容。You can then copy the contents.

选项 3:CertUtilOption 3: CertUtil

从命令行对 PFX 文件运行 certutil,然后从输出中复制 Subject 字段。 Run certutil from the command line on the PFX file and copy the Subject field from the output.

certutil -dump <cert_file.pfx>

错误的 PE 证书 (0x800700C1)Bad PE certificate (0x800700C1)

当包中包含的二进制文件有一个损坏的证书时,可能会发生这种情况。This can happen when your package contains a binary that has a corrupted certificate. 下面是可能导致此情况的一些原因:Here's some of the reasons why this can happen:

  • 证书的开头不在映像的结尾。The start of the certificate is not at the end of an image.

  • 证书大小不是正数。The size of the certificate isn't positive.

  • 证书开头不在 32 位可执行文件的 IMAGE_NT_HEADERS32 结构之后或 64 位可执行文件的 IMAGE_NT_HEADERS64 结构之后。The certificate start isn't after the IMAGE_NT_HEADERS32 structure for a 32-bit executable or after the IMAGE_NT_HEADERS64 structure for a 64-bit executable.

  • 证书指针未正确指向 WIN_CERTIFICATE 结构。The certificate pointer isn't properly aligned for a WIN_CERTIFICATE structure.

若要查找包含错误 PE 证书的文件,请打开 命令提示符窗口,并将名为 APPXSIP_LOG 的环境变量设置为值 1。To find files that contain a bad PE cert, open a Command Prompt, and set the environment variable named APPXSIP_LOG to a value of 1.

set APPXSIP_LOG=1

然后,从命令提示符 下,再次对应用程序进行签名。Then, from the Command Prompt, sign your application again. 例如:For example:

signtool.exe sign /a /v /fd SHA256 /f APPX_TEST_0.pfx C:\Users\Contoso\Desktop\pe\VLC.appx

有关包含错误 PE 证书的文件的信息将显示在控制台窗口 中。Information about files that contain a bad PE cert will appear in the Console Window. 例如:For example:

...

ERROR: [AppxSipCustomLoggerCallback] File has malformed certificate: uninstall.exe

...   

后续步骤Next Steps

有问题?Have questions? 请在 Stack Overflow 上向我们提问。Ask us on Stack Overflow. 我们的团队会监视这些标记Our team monitors these tags. 你还可以在此处提问。You can also ask us here.