Error 0x80080209 when signing appx file for Windows UWP

问题

I have build a Windows 10 UWP cordova application, and are now trying to sign it. I already have a certificate that is used elsewhere (to sign .net assemblies) so I thought I would use the same one for this application signing.

When I use the signtool.exe, I get the following error..

SignTool Error: An unexpected internal error has occurred.
Error information: "Error: SignerSign() failed." (-2146958839/0x80080209)

Looking in the event log as suggested here, I see no errors just 2 information messages

The reader was created successfully without manifest validation.

I have made sure the Publisher fields in the AppxManifest.xml file matches the subject in the certificate.

Looking here, I see this described as

0x80080209-APPX_E_INVALID_SIP_CLIENT_DATA
Description : The SIP_SUBJECTINFOstructure used to sign the package didn’t 
contain the required data

Does anyone have any idea what this means?

[UPDATE1]

After the above failed, I attempted to create a new certificate as outlined here.

I used the following.

# create
New-SelfSignedCertificate -Type Custom -Subject "CN=My Company Pty Ltd, O=My Company Pty Ltd, C=AU" -KeyUsage DigitalSignature -FriendlyName mycert_uwp -CertStoreLocation "Cert:\LocalMachine\My"

 # get info
 Set-Location Cert:\LocalMachine\My
 Get-ChildItem | Format-Table Subject, FriendlyName, Thumbprint

 # export
 $pwd = ConvertTo-SecureString -String password123 -Force -AsPlainText 
 Export-PfxCertificate -cert "Cert:\LocalMachine\My\17BBBBBB2DC49F550671AF3E72120C88E2333333" -FilePath h:\0\mycert_uwp.pfx -Password $pwd

All appeared to work fine.

In my AppxManifest.xml I have...

<Identity Name="com.mycompany.myapp" Publisher="CN=My Company Pty Ltd, O=MyCompany Pty Ltd, C=AU" Version="1.0.1.1" ProcessorArchitecture="x86" />

I still get the same error when using the above.

[UPDATE 2]

The signtool command I am using is

signtool sign /fd SHA256 /a /f myapp_uwp.pfx /p may password c:\dev\myapp\platforms\windows\build\windows\release\x86\win10\Upload\CordovaApp.Windows10_1.0.1.1_x86\CordovaApp.Windows10_1.0.1.1_x86.appx

as outlined here.

I have also tried using SHA384 and SHA512. There is also the suggestions to try using the /debug and I get an error suggesting /debug is an invalid option.

[UPDATE3] It appears to be the certificate. I tried to use via Visual Studio (Packaging, Choose certificate), but get the following error (after entering the password)

.. and yets I have followed the instructions here (and triple checked).

Are these instructions wrong??

回答1:

Just in case someone else had similar issue (0x80080209 error while signing), newer version of signing tool (the one from Windows 10 SDK) worked for me