VisualStudio.com can't load the temporary UWP certificate during builds

visual studio
visual studio code
visual studio 2019
visual studio download
visual studio code download
visual studio community
visual studio code online
visual studio online pricing

I set up my Visual Studio Team Service account to clone my private GitHub repo and build the Windows UWP application anytime I queue a build. The cloning works without any issues; the compilation of every project (6) works except one. The Windows UWP app project.

I receive the following warnings while the build server compiles the app:

C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(1778,5): Warning APPX0104: Certificate file 'myapp_TemporaryKey.pfx' not found.

2>C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(1778,5): warning APPX0104: Certificate file 'myapp_TemporaryKey.pfx' not found. [C:\a\1\s\Source\Applications\myapp.WindowsUWP\myapp.csproj]

C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(1778,5): Warning APPX0102: A certificate with thumbprint '58F2EA544193F6FC9F2737135570555B388E58D8' that is specified in the project cannot be found in the certificate store. Please specify a valid thumbprint in the project file.

2>C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(1778,5): warning APPX0102: A certificate with thumbprint '58F2EA544193F6FC9F2737135570555B388E58D8' that is specified in the project cannot be found in the certificate store. Please specify a valid thumbprint in the project file. [C:\a\1\s\Source\Applications\myapp.WindowsUWP\myapp.csproj]

C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(1778,5): Warning APPX0107: The certificate specified is not valid for signing. For more information about valid certificates, see http://go.microsoft.com/fwlink/?LinkID=241478. 2>C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(1778,5): warning APPX0107: The certificate specified is not valid for signing. For more information about valid certificates, see http://go.microsoft.com/fwlink/?LinkID=241478. [C:\a\1\s\Source\Applications\myapp.WindowsUWP\myapp.csproj]

This is the last project out of the 6 to compile. After I receive the warnings, it proceeds to copy all of the output files over to the final /bin directory. Then when it's all done, reports the same messages as above, but as errors this time and fails the build.

_GenerateAppxPackageFile: C:\Program Files (x86)\Windows Kits\10\bin\x64\MakeAppx.exe pack /l /h sha256 /f obj\x86\Debug\package.map.txt /o /p C:\a\1\s\Source\Applications\MyApp.WindowsUWP\AppPackages\MyApp_1.0.0.0_x86_Debug_Test\MyApp_1.0.0.0_x86_Debug.appx MyApp -> C:\a\1\s\Source\Applications\MyApp.WindowsUWP\AppPackages\MyApp_1.0.0.0_x86_Debug_Test\MyApp_1.0.0.0_x86_Debug.appx C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(2382,5): Error APPX0104: Certificate file 'MyApp_TemporaryKey.pfx' not found. 2>C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(2382,5): error APPX0104: Certificate file 'MyApp_TemporaryKey.pfx' not found. [C:\a\1\s\Source\Applications\MyApp.WindowsUWP\MyApp.csproj] C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(2382,5): Error APPX0102: A certificate with thumbprint '58F2EA544193F6FC9F2737135570555B388E58D8' that is specified in the project cannot be found in the certificate store. Please specify a valid thumbprint in the project file. 2>C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(2382,5): error APPX0102: A certificate with thumbprint '58F2EA544193F6FC9F2737135570555B388E58D8' that is specified in the project cannot be found in the certificate store. Please specify a valid thumbprint in the project file. [C:\a\1\s\Source\Applications\MyApp.WindowsUWP\MyApp.csproj] C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(2382,5): Error APPX0107: The certificate specified is not valid for signing. For more information about valid certificates, see http://go.microsoft.com/fwlink/?LinkID=241478. 2>C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(2382,5): error APPX0107: The certificate specified is not valid for signing. For more information about valid certificates, see http://go.microsoft.com/fwlink/?LinkID=241478. [C:\a\1\s\Source\Applications\MyApp.WindowsUWP\MyApp.csproj] 2>Done Building Project "C:\a\1\s\Source\Applications\MyApp.WindowsUWP\MyApp.csproj" (default targets) -- FAILED. 1>Done Building Project "C:\a\1\s\Source\MyApp.UWP.sln" (default targets) -- FAILED. Build FAILED. "C:\a\1\s\Source\MyApp.UWP.sln" (default target) (1) ->

If I just delete the certificate (as I did in this particular error log), it fails because it can't find it. If I generate the certificate using the manifest editor in VS, and assign it a password, the build server fails because it doesn't know the password. So I can't get it to build whether I provide a temporary test certificate or not.

How are we supposed to run Windows 10 UWP apps through the Visual Studio Team Services build system? This is something that Microsoft has been promoting for a while now so I I assumed this was a thing that could be done. I can't seem to get the UWP project to actually build.

You can generate a certificate without password assigned.

Or add a PowerShell step in your build definition to import the password protected certificate. Following is the powershell script you can use:

$pfxpath = 'myapp_TemporaryKey.pfx'
$password = 'yourpassword'

Add-Type -AssemblyName System.Security
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$cert.Import($pfxpath, $password, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]"PersistKeySet")
$store = new-object system.security.cryptography.X509Certificates.X509Store -argumentlist "MY", CurrentUser
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]"ReadWrite")
$store.Add($cert)
$store.Close()

Remember to set the "Working Folder" to the path where your pfx file placed.

Visual Studio Code, This means that VS Code can provide a local-quality development How do the Remote Development extensions relate to Visual Studio Codespaces?#. Download Visual Studio Community, Professional, and Enterprise. Try Visual Studio IDE, Code or Mac for free today.

By default .gitignore ignores any *.pfx file. Therefore it is not added to git. I had the same issue, that the build machine does not has the *_StoreKey.pfx file and therefore the build did not succeed.

For me the solution was to install the *_StoreKey.pfx on the build server. Then building the solution on the build server succeeds.

Visual Studio Code Remote Development Frequently Asked Questions, You can install it from within VS Code by searching for 'C#' in the Extensions view (Ctrl+Shift+X) or if you already have a project with C# files, VS Code will prompt� Microsoft Visual Studio Test Agent 2019 System Requirements. Visual Studio Test Agent supports the same system requirements as Visual Studio with the following changes: Requires a 2.6 GHz or faster processor. Quad core or better recommended; Requires 4 GB of RAM or higher for load generation; Requires 10 GB of hard disk space

C# programming with Visual Studio Code, Visual Studio Codespaces has a browser-based editor with support for Git repos, extensions, and a built-in command line interface so you can� Visual Studio Code is a code editor redefined and optimized for building and debugging modern web and cloud applications. Visual Studio Code is free and available on your favorite platform - Linux, macOS, and Windows.

I solved this with the "secure files" feature: https://docs.microsoft.com/en-us/azure/devops/pipelines/library/secure-files?view=vsts

  1. In the build pipeline, there's a "library" tab. I added the pfx (that's excluded from source control) as a file there.
  2. I then added "download secure file" as a build task (https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/utility/download-secure-file?view=vsts). Note the environment variable in the documentation (currently $env:DOWNLOADSECUREFILE_SECUREFILEPATH)
  3. I then added a command line task to move the file to where it was expected. So the command was move %DOWNLOADSECUREFILE_SECUREFILEPATH% FolderOfMyProject

Now it behaves as though the certificate were checked in.

Visual Studio Codespaces - Cloud IDE, You will need to link an account on VisualStudio.com to Review Board, so that Review Board can access content from the repository. If you've already linked an � We would like to show you a description here but the site won’t allow us.

I too was getting the error:

"Cannot import the key file 'blah.pfx'. The key file may be password protected. To correct this, try to import the certificate manually into the current user’s personal certificate store".

You can double click a .pfx file to import it into your store, the trick is that when it brings up the wizard, you have to choose "Current User", instead of "Local Machine" on the first screen, then instead of "Automatic", I specifically chose "Personal".

I was able to build the package after that. Didn't work when I chose "Local Machine" + Personal.

VisualStudio.com Repositories | Documentation, You need to use the personal access token authentication system since you can't do two factor authentication with a normal git login: From the VS Online website,� Visual Studio Code is free and available on your favorite platform - Linux, macOS, and Windows. Download Visual Studio Code to experience a redefined code editor, optimized for building and debugging modern web and cloud applications.

Solved: Connect to visualstudio.com hosted GIT repository , which disables the setting can I see xxx.visualstudio.com in VS Team is in https://dev.azure.com/xxx/ instead of https://xxx.visualstudio.com� Sometimes, things can go wrong. If your Visual Studio installation fails, see Troubleshoot Visual Studio installation and upgrade issues for step-by-step guidance. We also offer an installation chat (English only) support option for installation-related issues. Here are a few more support options:

Git Auth Error dev.azure.com, It will list the VSTS Accounts you have access and then you just need to Login to **VSTS(Visual studio team services account)** or from� Visual Studio (current version Visual Studio 2019) is Microsoft’s premier IDE for Windows and MacOS. With Visual Studio, you can develop, analyze, debug, test, collaborate, and deploy your

To access a VisualStudio.com account, log in using the picker above , My.visualstudio.com allows you to access all of the great benefits of your Visual Studio Subscriptions and Programs in a single, user-friendly experience.

Comments
  • because I didn't need the signing, I simply disabled signing by adding the parameter /p:AppxPackageSigningEnabled=false to the msbuildArgs section in the YAML file.
  • Thank you for this! I really imagined that MSBuild would search the cert store, find the matching hash and get on with it. Apparently not.
  • This solution worked perfectly for me. Just need to add a couple of things to do beforehand: As @Michael Mairegger mentioned also, make sure to include the pfx file into the source control checkin. Also set the pfx file property for 'Copy to Output Directory' to something other than None (which is the default) to ensure that the pfx file is copied to the bin folder ready for packaging.
  • Is it a security risk to add the store key to the source? I mean, when it is an open source-repo it would surely be but for private/closed repositories it shouldn't be an issue, right?
  • @Patric Depends where this private repro is located. Anything remote should be considered as security risk. I, for now use the Secure file feature of TFSO
  • In my case I have my xx.pfx file in my solution. I am getting The key file may be password protected error...
  • This is beautiful and by far the best option I could find for a public-facing pipeline. The anonymous build results page doesn't even show the Secure File step.