App Entwicklung unter Windows 10

Der Ausführliche MSDN Artikel ist hier zu finden.

Alle benötigten Dateien werden in einen seperaten Ordner gelegt. Anschließend wird eine AppxManifest.xml Datei erzeugt:

<?xml version="1.0" encoding="utf-8"?>
<Package xmlns="http://schemas.microsoft.com/appx/2010/manifest">
<Identity Name="MyCompany.MySuite.MyApp" 
          Version="1.0.0.0" 
          Publisher="CN=MyCompany, O=MyCompany, L=MyCity, S=MyState, C=MyCountry">
  <Properties>
    <DisplayName>MyApp</DisplayName>
    <PublisherDisplayName>MyCompany</PublisherDisplayName>
    <Logo>images\icon.png</Logo>
  </Properties>
  <Prerequisites>
    <OSMinVersion>6.2.1</OSMinVersion>
    <OSMaxVersionTested>6.2.1</OSMaxVersionTested>
  </Prerequisites>
  <Resources>
    <Resource Language="de-de" />
  </Resources>
 <Applications>
  <Application Id="MyApp" StartPage="default.html">
    <VisualElements DisplayName="My App" Description="A useful description." 
         Logo="images\icon.png" SmallLogo="images\small_icon.png" 
         ForegroundText="dark" BackgroundColor="#FFFFFF" >
      <SplashScreen Image="images\splash.png" />
    </VisualElements>
  </Application>
</Applications>
</Package>

cd x:\Path\to\Win\Res\Kit\bin\x64
makeappx pack /d "x:\path\to\app" /p "x:\path\to\output.appx"

Möglicherweise muss eine Entwicklerlizenz ¹⁾ beantragt werden

Show-WindowsDeveloperLicenseRegistration

OpenSSL für Windows installieren und folgende Befehle eingeben: ²⁾

cd C:\OpenSSL-Win32\bin
set openssl_conf=C:\OpenSSL-Win32\bin\openssl.cfg
openssl req -x509 -nodes -days 730 -newkey rsa:1024 -keyout meinzertifikat.pem -out meinzertifikat.pem
openssl pkcs12 -export -out meinzertifikat.pfx -in meinzertifikat.pem -name "Windows Apps Test"

Das Passwort sollte eingegeben werden, da es sonst zu Fehlern kommen kann.

³⁾

While you can create a self-signed code-signing certificate (SPC - Software Publisher Certificate) in one go, I prefer to do the following: Creating a self-signed certificate authority (CA)

makecert -r -pe -n "CN=My CA" -ss CA -sr CurrentUser ^
         -a sha256 -cy authority -sky signature -sv MyCA.pvk MyCA.cer

(^ = allow batch command-line to wrap line)

This creates a self-signed (-r) certificate, with an exportable private key (-pe). It's named „My CA“, and should be put in the CA store for the current user. We're using the SHA-256 algorithm. The key is meant for signing (-sky).

The private key should be stored in the MyCA.pvk file, and the certificate in the MyCA.cer file. Importing the CA certificate

Because there's no point in having a CA certificate if you don't trust it, you'll need to import it into the Windows certificate store. You can use the Certificates MMC snapin, but from the command line:

certutil -user -addstore Root MyCA.cer

Creating a code-signing certificate (SPC)

makecert -pe -n "CN=My SPC" -a sha256 -cy end ^
         -sky signature ^
         -ic MyCA.cer -iv MyCA.pvk ^
         -sv MySPC.pvk MySPC.cer

It is pretty much the same as above, but we're providing an issuer key and certificate (the -ic and -iv switches).

We'll also want to convert the certificate and key into a PFX file:

pvk2pfx -pvk MySPC.pvk -spc MySPC.cer -pfx MySPC.pfx

If you want to protect the PFX file, add the -po switch, otherwise PVK2PFX creates a PFX file with no passphrase. Using the certificate for signing code

signtool sign /v /f MySPC.pfx MyExecutable.exe
              /t http://timestamp.url MyExecutable.exe

(See why timestamps may matter)

If you import the PFX file into the certificate store (you can use PVKIMPRT or the MMC snapin), you can sign code as follows:

signtool sign /v /n "Me" /s SPC /d http://www.me.me ^
              /t http://timestamp.url MyExecutable.exe

Some possible timestamp URLs for signtool /t are:

    http://timestamp.verisign.com/scripts/timstamp.dll
    http://timestamp.globalsign.com/scripts/timstamp.dll
    http://timestamp.comodoca.com/authenticode

Das Paket muss mit dem Signtool signiert werden.

cd x:\Path\to\Win\Res\Kit\bin\x64
signtool sign /a /v /fd SHA256 /f x:\path\to\cert.pfx /p PASSWORD x:\path\to\app.appx

Add-AppxPackage x:\path\to\app.appx