I am creating an Appx package using makeappx.exe
and then try to sign it using SignTool.exe
.
The error I get from SignTool is:
"Error: SignerSign() failed." (-2147024693/0x800700cb)
The certificate I am using is created by me following instructions from here.
In EventViewer
there is no record about this failed operation!
I do not understand what this error means and how to fix it!! Has anyone encountered this before, and found a solution?
I can't use Visual Studio so I need to stick with makeappx.exe
.
In addition to the signing errors that SignToolcan return, SignToolcan also return errors that are specific to the signing of app packages. These errors usually appear as internal errors: SignTool Error: An unexpected internal error has occurred. Error information: "Error: SignerSign() failed." (-2147024885 / 0x8007000B)
Troubleshooting app package signing errors 1 Run Eventvwr.msc. 2 Open the event log: Event Viewer (Local) > Applications and Services Logs > Microsoft > Windows > AppxPackagingOM >... 3 Look for the most recent error event. More ...
Known issues and troubleshooting for SignTool. The most common types of errors when using SignTool are internal and typically look something like this: SignTool Error: An unexpected internal error has occurred. Error information: "Error: SignerSign () failed.".
You can't use the SignTooltime stamp operation on a signed app package; the operation isn't supported. If you want to time stamp the app package, you must do it during the sign operation. For example: SignTool sign /fd hashAlgorithm /a /f signingCert.pfx /p password /tr timestampServerUrl filepath.appx
The appxmanifest xml file needs to have a publisher that corresponds to the certificate that is signing the appx package. The publisher is specified in an attribute for the "<Identity />" tag.
From MSDN:
The app manifest publisher name must exactly match the subject name of the signing. Note These names are specified in quotes and are both case and whitespace sensitive. You can update the Publisher attribute string that is defined for the Identity element in the AppxManifest.xml file to match the subject name of the intended signing certificate. Or, select a different signing certificate with a subject name that matches the app manifest publisher name. The manifest publisher name and the certificate subject name are both listed in the event message.
Example error:
error 0x8007000B: The app manifest publisher name (CN=Contoso) must match the subject name of the signing certificate (CN=Contoso, C=US).
I know this is an old question, but I just had a similar problem with the signer tool, but different error code. Though, I think the comment was relevant:
Turns out you can get this error too if you use the wrong version of the SignTool, but it give no clue to this fact.
So the top tip is …
Make sure you use the SignTool.exe from the same folder as the MakeAppx.exe tool. In my case in “C:\Program Files (x86)\Windows Kits\10\bin\10.0.17763.0\x64\”
Cross-linking should help this page get a higher page ranking on the search engines.
https://blogs.blackmarble.co.uk/rfennell/2019/04/30/a-fix-for-error-signersign-failed-2146958839-0x80080209-with-signtool-exe/
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With