You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We use DigiCert to sign our WinUI 3 app that we need to sideload (because our app isn't applicable for the Microsoft Store). If we package a new MSIX installer with a newly issued code signing certificate, this inadvertently treats the updated app installer as a new app, which means that two versions (an older and a newer) now exist on the client.
Industry standards require Certificate Authorities to hard-code the expiration date into certificates. When a certificate expires, it is no longer valid and there is no way to extend its life. So, when you 'renew' your certificate, DigiCert must issue a new one to replace the expiring one, and you must install the new certificate on your server.
Sign an app with a code signing certificate and install it on a client workstation.
Sign the same app with a newly issued code signing certificate and attempt to install it on a client workstation. App Installer will treat the app as a new app (even though the package name is identical) and offer to "Install", rather than "Update".
There are now two installations of the same app on the client workstation.
Expected behavior
App Installer should be looking for the package name (being Package.appxmanifest > Name="Company.AppName"), rather than the same certificate, because new code signing certificates for the same sideloaded app will need to be applied to updated versions of the app in the future.
Screenshots
No response
NuGet package version
None
Windows version
Windows 11 (22H2): Build 22621
Additional context
No response
The text was updated successfully, but these errors were encountered:
Describe the bug
We use DigiCert to sign our WinUI 3 app that we need to sideload (because our app isn't applicable for the Microsoft Store). If we package a new MSIX installer with a newly issued code signing certificate, this inadvertently treats the updated app installer as a new app, which means that two versions (an older and a newer) now exist on the client.
DigiCert state the following (for SSL/TLS certs, but it's still applicable):
This Stack Overflow post is related (although I didn't get a warning that "a different package with the same name is already installed" for some reason): https://stackoverflow.com/questions/73155730/windows-considers-it-a-different-app-after-changing-signing-method
Steps to reproduce the bug
Expected behavior
App Installer should be looking for the package name (being Package.appxmanifest > Name="Company.AppName"), rather than the same certificate, because new code signing certificates for the same sideloaded app will need to be applied to updated versions of the app in the future.
Screenshots
No response
NuGet package version
None
Windows version
Windows 11 (22H2): Build 22621
Additional context
No response
The text was updated successfully, but these errors were encountered: