Building a Unity UWP/WSA from Command Line with Non-Test Certificate


I'm having an issue with building my Unity project through the command line with a certificate I got from Sectigo Limited with Code Signing. The reason why I went with getting a Sectigo Limited certificate instead of getting certified through the Windows Store is because we plan on the users downloading the app directly and sideloading it so we don't want to them to set them to be in Developer Mode to install it, and we don't want to distribute through the Windows Store. So when I got the certificate from Sectigo Limited I set it to be the certificate to be used in Unity in the Publisher Settings. I entered the password then used the following command to build the project.

Unity.exe -quit -batchmode -silent-crashes -serial %UNITY_SERIAL% -username %UNITY_EMAIL% -password "%UNITY_PASSWORD%" -projectPath "sensei-v2" -logFile "%BUILD_BINARIESDIRECTORY%\build.log" -buildTarget WindowsStoreApps -executeMethod BuildSensei.BuildWindowsUWP -outputDirectory %BUILD_BINARIESDIRECTORY%

BuildSensei.BuildWindowsUWP is this function in case you were wondering:

PlayerSettings.SplashScreen.showUnityLogo = false;

string[] scenes = { "Assets/MyProject/Scenes/Login.unity", "Assets/MyProject/Scenes/Main.unity" };

string outputDirectory = "C:/Users/PavanJakhu/source/repos/myproject/Builds/UWP/MyProject-";
if (Directory.Exists(outputDirectory))
    Directory.Delete(outputDirectory, true);
if (!Directory.Exists(outputDirectory))

BuildPlayerOptions options = new BuildPlayerOptions()
    scenes = scenes,
    locationPathName = outputDirectory,
    target = BuildTarget.WSAPlayer,
    targetGroup = BuildTargetGroup.WSA,
    options = BuildOptions.None
var result = BuildPipeline.BuildPlayer(options);

Debug.Log("Build result: " + result.summary.result + "\nTotal time: " + result.summary.totalTime + "\nPlatform: " + result.summary.platform);

I then try to build the Visual Studio solution through MSBuild using this command:

"C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\MSBuild\Current\Bin\msbuild.exe" "C:/Users/PavanJakhu/source/repos/myproject/Builds/UWP/MyProject-\MyProject\MyProject.sln" /nologo /nr:false /p:AppxBundlePlatforms="x64" /p:AppxPackageDir="C:/Users/PavanJakhu/source/repos/myproject/Builds/UWP/MyProject-\MyProject\AppxPackages\\" /p:UapAppxPackageBuildMode=SideloadOnly /p:AppxBundle=Never /p:platform="x64" /p:configuration="Master" /p:VisualStudioVersion="16.0"

I get the following two errors.

error APPX0105: Cannot import the key file 'Sensei-Code-Signing-Cert.pfx'. The key file may be password protected. To correct this, try to import the certificate manually into the current user's personal certificate store.
error APPX0107: The certificate specified is not valid for signing. For more information about valid certificates, see

If I open the solution and check the certificate and click "Choose Certificate" I see this dialog. Choose Certificate dialog

Which seems incorrect since all the values are just "(none)." If I click "Select a Certificate," a native Windows dialog appears with the certificates in my Personal Store and I select the certificate I got from Sectigo Limited then build using the above command. It builds the AppX file and I can install it on computers without being in Developer Mode.

I have tried installing and reinstalling the certificate to my Personal and Trusted People stores. I also have tried using a test certificate generated in Unity then changing the Publisher attribute in the Identity tag in the App Manifest file for the exported Visual Studio project, then signing the generated AppX file with the Sectigo Limited certificate using SignTool.exe but I get the following error:

error 0x8007000B: The app manifest publisher name (CN=Arfront Technologies Inc.) must match the subject name of the signing certificate (CN=Arfront Technologies Inc., O=Arfront Technologies Inc., STREET=4141 Yonge Street, STREET=Suite 402, L=Toronto, S=Ontario, PostalCode=M2P2A8, C=CA).

I then tried to create another self-signed certificate with the same subject name as the Sectigo Limited certificate but that gave the same error.

So I'm stuck now and don't really know how else to do. How would I go about creating an UWP app that is signed so a person sideloading it doesn't need to be in Developer Mode?

asked on Stack Overflow May 30, 2019 by Pavan Jakhu • edited May 31, 2019 by Pavan Jakhu

0 Answers

Nobody has answered this question yet.

User contributions licensed under CC BY-SA 3.0