已封裝傳統型應用程式的已知問題Known Issues with packaged desktop apps

本文包含在為傳統型應用程式建立 MSIX 套件時可能發生的已知問題。This article contains known issues that can occur when you create an MSIX package for your desktop app.

您收到錯誤...MSB4018 "GenerateResource" 工作發生未預期的失敗You receive the error MSB4018 The "GenerateResource" task failed unexpectedly

發生這種情形時,請嘗試將附屬組件轉換為套件資源索引 (PRI) 檔案。This can happen when trying to convert satellite assemblies to Package Resource Index (PRI) files.

我們已注意到此問題,正在研究長期解決方案。We are aware of this issue and are working on a more long term solution. 暫時的解決方法是,可以透過將這一行 XML 新增到裝載專案檔的第一個 PropertyGroup 元素,來停用資源產生器:As a temporary workaround, you can disable the resource generator by adding this line of XML to the first PropertyGroup element in hosting project file:

<AppxGeneratePrisForPortableLibrariesEnabled>false</AppxGeneratePrisForPortableLibrariesEnabled>

藍色畫面,錯誤碼 0x139 (KERNEL_SECURITY_CHECK_FAILURE)Blue screen with error code 0x139 (KERNEL_SECURITY_CHECK_FAILURE)

從 Microsoft Store安裝或啟動特定應用程式後,電腦可能會發生下列錯誤而意外地重新開機:0x139 (KERNEL_SECURITY_CHECK_ FAILURE)After installing or launching certain apps from the Microsoft Store, your machine may unexpectedly reboot with the error: 0x139 (KERNEL_SECURITY_CHECK_ FAILURE).

已知受影響的 App 包括 Kodi、JT2Go、Ear Trumpet、Teslagrad 和其他 App。Known affected apps include Kodi, JT2Go, Ear Trumpet, Teslagrad, and others.

2016 年 10 月 27 日已發佈一 個 Windows 更新 (版本 14393.351 - KB3197954),其中包含可處理此問題的重要修正。A Windows update (Version 14393.351 - KB3197954) was released on 10/27/16 that includes important fixes that address this issue. 如果您發生此問題,請更新您的電腦。If you encounter this problem, update your machine. 如果您因為電腦在可以登入之前就重新開機而無法更新電腦,您應該使用系統還原將您的系統復原至安裝受影響 App 之前的時間點。If you are not able to update your PC because your machine restarts before you can log in, you should use system restore to recover your system to a point earlier than when you installed one of the affected apps. 如需如何使用系統還原的資訊,請參閱 Windows 10 中的復原選項For information on how to use system restore, see Recovery options in Windows 10.

如果更新無法修正問題,或您不確定如何復原電腦,請連絡 Microsoft 支援服務If updating does not fix the problem or you aren't sure how to recover your PC, please contact Microsoft Support.

如果您是開發人員,建議您避免在不包含此更新的 Windows 版本上安裝已封裝應用程式。If you are a developer, you may want to prevent the installation of your packaged application on versions of Windows that do not include this update. 請注意,這麼做將會使您的應用程式無法提供給尚未安裝更新的使用者。Note that by doing this your application will not be available to users that have not yet installed the update. 若要將應用程式的可用性限制為僅提供給已安裝此更新的使用者,請修改 AppxManifest.xml 檔案,如下所示:To limit the availability of your application to users that have installed this update, modify your AppxManifest.xml file as follows:

<TargetDeviceFamily Name="Windows.Desktop" MinVersion="10.0.14393.351" MaxVersionTested="10.0.14393.351"/>

關於 Windows Update 的詳細資料,請參閱:Details regarding the Windows Update can be found at:

當您簽署應用程式時可能出現的常見錯誤Common errors that can appear when you sign your app

發行者和憑證不符會導致 Signtool 錯誤 "Error:SignerSign() Failed" (-2147024885/0x8007000b)Publisher and cert mismatch causes Signtool error "Error: SignerSign() Failed" (-2147024885/0x8007000b)

Windows 應用程式套件資訊清單中的發行者項目必須符合您用來簽署的憑證主體。The Publisher entry in the Windows app package manifest must match the Subject of the certificate you are signing with. 您可以使用下列任一種方法來檢視憑證的主體。You can use any of the following methods to view the subject of the cert.

選項 1:PowershellOption 1: Powershell

執行下列 PowerShell 命令。Run the following PowerShell command. .cer 或.pfx 可以用來做為憑證檔案,因為它們具有相同的發行者資訊。Either .cer or .pfx can be used as the certificate file, as they have the same publisher information.

(Get-PfxCertificate <cert_file>).Subject

選項 2:檔案總管Option 2: File Explorer

按兩下 [檔案總管] 中的憑證,選取 [詳細資料] 索引標籤,然後選取清單中的 [主體] 欄位。Double-click the certificate in File Explorer, select the Details tab, and then the Subject field in the list. 您接著可以複製內容。You can then copy the contents.

選項 3:CertUtilOption 3: CertUtil

從 PFX 檔案的命令列執行 certutil,然後從輸出中複製 [主體] 欄位。Run certutil from the command line on the PFX file and copy the Subject field from the output.

certutil -dump <cert_file.pfx>

錯誤的 PE 憑證 (0x800700C1)Bad PE certificate (0x800700C1)

當您的套件包含具有損毀憑證的二進位檔時,可能會發生這種情況。This can happen when your package contains a binary that has a corrupted certificate. 以下是可能發生這種情況的一些原因:Here's some of the reasons why this can happen:

  • 憑證的起始位置不在映像的結尾。The start of the certificate is not at the end of an image.

  • 憑證的大小不是正數。The size of the certificate isn't positive.

  • 對於 32 位元可執行檔,憑證的起始位置不在 IMAGE_NT_HEADERS32 結構之後,或對於 64 位元可執行檔,憑證的起始位置不在 IMAGE_NT_HEADERS64 結構之後。The certificate start isn't after the IMAGE_NT_HEADERS32 structure for a 32-bit executable or after the IMAGE_NT_HEADERS64 structure for a 64-bit executable.

  • 憑證指標並未對 WIN_CERTIFICATE 結構正確對齊。The certificate pointer isn't properly aligned for a WIN_CERTIFICATE structure.

若要尋找包含錯誤 PE 憑證的檔案,請開啟命令提示字元,並將名為 APPXSIP_LOG 的環境變數的值設定為 1。To find files that contain a bad PE cert, open a Command Prompt, and set the environment variable named APPXSIP_LOG to a value of 1.

set APPXSIP_LOG=1

然後,從命令提示字元再次簽署您的應用程式。Then, from the Command Prompt, sign your application again. 例如:For example:

signtool.exe sign /a /v /fd SHA256 /f APPX_TEST_0.pfx C:\Users\Contoso\Desktop\pe\VLC.appx

包含錯誤 PE 憑證檔案的相關資訊會顯示在主控台視窗中。Information about files that contain a bad PE cert will appear in the Console Window. 例如:For example:

...

ERROR: [AppxSipCustomLoggerCallback] File has malformed certificate: uninstall.exe

...   

後續步驟Next Steps

有任何問題嗎?Have questions? 請在 Stack Overflow 上發問。Ask us on Stack Overflow. 我們的團隊會監視這些標籤Our team monitors these tags. 您也可以在這裡發問。You can also ask us here.