Skip to content

Instantly share code, notes, and snippets.

@bgshacklett
Created June 9, 2019 13:27
Show Gist options
  • Save bgshacklett/2cac67bf99ddfd9f85221d90767296fb to your computer and use it in GitHub Desktop.
Save bgshacklett/2cac67bf99ddfd9f85221d90767296fb to your computer and use it in GitHub Desktop.
Script to Sign the Terminal Package from https://dev.azure.com/ms/Terminal/_build?definitionId=136
$certParams =
@{
Type = 'Custom'
KeyUsage = 'DigitalSignature'
FriendlyName = 'WindowsTerminal'
CertStoreLocation = 'Cert:\LocalMachine\My'
Subject = (
'CN=Microsoft Corporation',
'O=Microsoft Corporation',
'L=Redmond',
'S=Washington',
' C=US'
) -join ','
TextExtension = (
'2.5.29.37={text}1.3.6.1.5.5.7.3.3',
'2.5.29.19={text}'
)
}
$password = 'changeme'
$certExportParams =
@{
FilePath = 'WindowsTerminal.pfx'
Password = ConvertTo-SecureString -String $password -Force -AsPlainText
Cert = "Cert:\LocalMachine\My\$(
New-SelfSignedCertificate @certParams `
| Select-Object -ExpandProperty Thumbprint
)"
}
Export-PfxCertificate @certExportParams
Remove-Item -Path $certExportParams.Cert
$signTool = Get-Item 'C:\Program Files (x86)\Windows Kits\10\bin\*\x86\SignTool.exe'
$packageName = Get-Item CascadiaPackage_*_x64.msix `
| Select-Object -ExpandProperty Name
& $signTool sign /fd SHA256 `
/a `
/f $certExportParams.FilePath `
/p $password `
$packageName
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment