Skip to main content

Certificate Selection

This feature is included in AdminStudio Professional and Enterprise Editions.

You can use the Application Manager Certificate Selection wizard to perform digital signing using the Repackager tool.

When repackaging an .msi or .exe file into the .msix format, navigate to the Repackaged Output Options dialog box and choose a package. If you enable the Digitally Sign MSIX option, the Certificate Selection wizard will appear.

On the Certification Selection wizard, you specify the signing details.

In the Signing Type drop down, choose one of the following:

Standard

Uses this option to digitally sign MSIX packages with a pre-configured certificate. Suitable for most common signing scenarios.

Certificate Selection Wizard / Standard

The Certificate Selection wizard includes the following properties:

PropertyDescription
Signing TypeIn the Signing Type drop down, select Standard .
Certificate File (.pfx)Specify the following details:
Certificate File — Specify a path to a valid PFX certificate file. Click ellipses ( ... ) to browse and select the valid path.
Certificate Password — Specify the password for the PFX certificate file.
Time Stamp Server URL — Specify the valid Time Stamp Server URL.
Certificate StoreSpecify the following details:
Certificate Store Location — Select either User or Machine
Certificate Store Name — Select any one of the store name from the drop down list.
Certificate Subject — Select respective certificate subject from the drop down list. Click View details button to view the details of the selected Certificate.

Custom

Use this option to configure and use a custom signing solution for digitally signing MSIX packages. This is useful for automation scenarios where the standard signing option doesn't meet your requirements.

Certificate Selection Wizard / Custom

The Certificate Selection wizard includes the following properties:

PropertyDescription
Signing TypeIn the Signing Type drop down, select Custom .

The Publisher Name in the MSIX package must exactly match the Subject in the signing certificate.

Always include the "[Filename]" placeholder where the MSIX file path should appear. At runtime, this will be automatically replaced with the actual MSIX file path.

For more information, see Custom Signing with HSM Support.
PathSpecify the location of the signing tool or a script.

Supported file types include:
.exe (Executable)
.bat (Batch Script)
.vbs (VBScript)
.ps1 (PowerShell Script)

Click ellipses ( ... ) to browse and select the valid path.

Examples:
<ProgramFilesFolder>\\Windows Kits\\10\\bin\\<WinSDKVer>\\x86\\signtool.exe
ArgumentsSpecify the required command-line arguments for the Signtool or custom script file. These arguments will be passed at runtime during signing process.

Enter the valid command-line parameters for the specified Path field.

Examples:
sign /fd SHA256 /f <ProgramFilesFolder>\\testCA.pfx /t http://timestamp.digicert.com /p 123 /v "\[Filename\]"