Personalized Community is here!
Quickly customize your community to find the content you seek.
Now Available in Community - New TechTalk Videos for 2021
2022 Release Wave 1 PlanDynamics 365 release plan for the 2022 release wave 1 describes all new features releasing from April 2022 through September 2022.
2022 release wave 1 plan
The FastTrack program is designed to help you accelerate your Dynamics 365 deployment with confidence.
FastTrack Community | FastTrack Program | Finance and Operations TechTalks | Customer Engagement TechTalks | Upcoming TechTalks | All TechTalks
I'm trying to generate a retail deployable package, I want the MPOS installer on that package to be digitally signed. In order for that to work in a build server the authenticode certificate has to be imported into the Azure Key Vault. We also have to modify some settings in the RetailSDK\BuildTools\Customization.settings file. But there is really no documentation that I can find that tells you how to do this. Can anyone provide at least a general overview on how to do this?
Can this link answer your question?
Thank you for your answer. That document shows the steps, but following them closely I still couldn't get the build procedure to sign the files. I used the thumbprint method and I had to do this in the customization.settings file:
<?xml version="1.0" encoding="utf-8"?><Project xmlns="">schemas.microsoft.com/.../2003"> <Import Project="retailPackagePaths.settings" Condition="Exists('retailPackagePaths.settings') AND $(PkgMicrosoft_Dynamics_Commerce_Runtime) == ''"/> <PropertyGroup> <MSBuildAllProjects>$(MSBuildAllProjects);$(MSBuildThisFileFullPath)</MSBuildAllProjects> <ISVCustomizationSettingsHasBeenImported>true</ISVCustomizationSettingsHasBeenImported>
<!-- This section is for global settings and code signing. Any built file will inherit these values if applicable. Package manifest files will also use these values during package generation. --> <AssemblyNamePrefix Condition="'$(AssemblyNamePrefix)' == ''">HF</AssemblyNamePrefix> <CustomAssemblyVersion Condition="'$(CustomAssemblyVersion)' == ''">126.96.36.199</CustomAssemblyVersion> <CustomVersion Condition="'$(CustomVersion)' == ''">188.8.131.52</CustomVersion> <CustomName Condition="'$(CustomName)' == ''">HF Retail Customization</CustomName> <CustomDescription Condition="'$(CustomDescription)' == ''">HF Retail Customization</CustomDescription> <CustomPublisher Condition="'$(CustomPublisher)' == ''">CN=Some Company, LLC</CustomPublisher> <CustomPublisherDisplayName Condition="'$(CustomPublisherDisplayName)' == ''">Some Company, LLC</CustomPublisherDisplayName> <CustomCopyright Condition="'$(CustomCopyright)' == ''">Copyright Â© 2020</CustomCopyright>
<SignAssembly Condition="'$(SignAssembly)' == ''">false</SignAssembly> <DelaySign Condition="'$(DelaySign)' == ''">false</DelaySign> <AssemblyOriginatorKeyFile Condition="'$(AssemblyOriginatorKeyFile)' == '' and '$(SignAssembly)' == 'true'">$(MSBuildThisFileDirectory)\strongnamekey.snk</AssemblyOriginatorKeyFile>
<!-- The name of the cert must match the name of the publisher of the package which is the same as the CustomPublisher above. blogs.msdn.com/.../create-a-windows-store-appx-package-and-sign-it.aspx msdn.microsoft.com/.../jj835832(v=vs.85).aspx
The sample cert was generated like this: MakeCert /n "CN=Contoso Ltd." /r /h 0 /eku "184.108.40.206.220.127.116.11.3,18.104.22.168.4.1.322.214.171.124" /e ""12/31/2037"" /sv appxsignkey.pvk appxsignkey.cer empty password as just for testing (Optional parameters for password protected cert [/pi "Password" /po "password"]) Pvk2Pfx.exe /pvk appxsignkey.pvk /spc appxsignkey.cer /pfx appxsignkey.pfx /pi ""
To use signing cert from certificate store, add thumbprint of the certificate below to ModernPOSPackageCertificateThumbprint property and comment out ModernPOSPackageCertificateKeyFile property. If certificate being used is password protected, then this method must be used.
Use the following command get the Thumpprint of the certificate powershell Get-ChildItem -Path Cert:\CurrentUser\My
ModernPOSPackageCertificateThumbprint cannot be used in VSTS builds, because the certificate can't be installed on the VSTS hosted machines. Instead the certificate must be restored to the file system using a secret manager, such as Azure KeyVault, and the argument ModernPOSPackageCertificateKeyFile should specify the path to the certificate. When consuming the signing certificate via ModernPOSPackageCertificateKeyFile, leave the ModernPOSPackageCertificateThumbprint variable empty. --> <ModernPOSPackageCertificateKeyFile Condition="'$(ModernPOSPackageCertificateKeyFile)' == ''"></ModernPOSPackageCertificateKeyFile> <ModernPOSPackageCertificateThumbprint Condition="'$(ModernPOSPackageCertificateThumbprint)' == ''">4ACC89878691F026E37FB3A961132DB6XXXX1948</ModernPOSPackageCertificateThumbprint>
<!-- To generate a self-signed Code Signing Certificate, use the following Powershell command: New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My -Subject "CN=Contoso Ltd." -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -KeyUsage DigitalSignature -Type CodeSigningCert
You can use the following Powershell command to get the thumbprint: Get-ChildItem -Path Cert:\CurrentUser\My --> <SelfServicePackageCertificateThumbprint Condition="'$(SelfServicePackageCertificateThumbprint)' == ''">4ACC89878691F026E37FB3A961132DB6XXXX1948</SelfServicePackageCertificateThumbprint>
<!-- Specify the name of the Windows Phone Modern POS package. Specify the name of the Android Modern POS phone package. Specify the name of the iOS Modern POS phone package. -->
Business Applications communities