App signing in visual Studio Build

 

Code Signing For Visual Studio Projects

When using CircleCI's Windows Orb, to sign a visual studio project, the user needs to already have a PFX certificate file and know the thumbprint for the file. Documentation on thumbprinting can be found here.

Modify The .csproject file

In the .csproject file in default <PropertyGroup> tag, add a <PackageCertificateThumbprint> tag populated with the thumbprint of the certificate.

Load the certificate into the keystore

You will have to do the following to successfully make the certificate discoverable and accessible in the windows certificate stores. This script simplifies that process.

Usage for this script is:

ImportCert.ps1 -KeyPath {Path to certificate file} -KeyPass {The above configuration assumes tha the certificate file is located at $PROJECT_ROOT\TestApp\TestApp_TemporaryKey.pfxPassword for certificate}

Configure Build in Build Config

version: 2.1

orbs:
  win: circleci/windows@2.4.0

jobs:

  build:
    executor:
      name: win/default
      size: "medium"

    steps:
      - checkout
      - run: C:\Users\circleci\project\TestApp\scripts\ImportCert.ps1 -KeyPath C:\Users\circleci\project\TestApp\TestApp_TemporaryKey.pfx -KeyPass testpassword # load certificate into store
      - run: 
          name: build
          command: |
            $ProgressPreference = "SilentlyContinue"
            msbuild TestApp\TestApp.csproj /p:Configuration=Release /p:AppxBundle=Always /p:AppxBundlePlatforms="x86|x64|ARM" /p:BuildAppxUploadPackageForUap=true /p:AppxPackageSigningEnabled=true  /p:PackageCertificatePassword="testpassword" -restore #Run the msbuild process

workflows:
  version: 2
  build_and_upload_artifact:
    jobs:
      - build

The above configuration assumes that the certificate file is located at :

$PROJECT_ROOT\TestApp\TestApp_TemporaryKey.pfx

Example Project

An example project with code signing can be found here.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.