We are developing a company app for windows phone 8.
I have followed every step described in Company app distribution for Windows Phone
Here is what I did:
Registered company account
Bought an enterprise certificate from Symantec.
Exported PFX file with private key
Generated Enrollment Token (AETX file) from PFX.
Developed application, built with visual studio and get xap file
generated. (Name it App.xap)
Precompiled managed assemblies and Signed it with certificate using
BuildMDILXap.ps1 powershell script. (All messages indicated success).
Hosted AETX and signed XAP file on our web server.
At this point, when a wp8 phone tries to download XAP file without first installing AETX, The phone gives proper error message: "Before you install this app, you need to add XXXX company account. Contact your company's support person for help".
After installing AETX, when wp8 phone tries to install XAP file, the phone asks for confirmation: "Would you like to install App1 from XXXX?" After clicking "install" button, nothing happens. There is no success message, no error message, no indication of installation, and the application does not show in application list.
I have also tried sending AETX and XAP files over email (in case internet explorer or iis cannot handle file types), same result.
I have also tried doing the same for our company hub app, same result.
As far as I understand, company hub app is just another app (of course for different purpose) and both normal app and hub app can be distributed same way (over web address or email etc), right?
What is wrong? Cannot find the problem here?
Any ideas?
I bet you don't have a proper setup for code signing. One important step that is easy to miss is to install the parent certificates of your enterprise code signing certificate (that you got from Symantec). Specifically, download and import the following two certificates and then try to sign the XAP file again.
https://knowledge.verisign.com/library/VERISIGN/ALL_OTHER/Symantec_Enterprise_Mobile_Root_for_Microsoft.cer
https://knowledge.verisign.com/library/VERISIGN/ALL_OTHER/Symantec_Enterprise_Mobile_CA_for_Microsoft_Cert.cer
It is sad that the signing tool does not report any errors, yet the output is not a correctly signed XAP that WP8 would accept.
Related
As the title says, I would like to deploy my application on multiple phones, without developer unlocking them.
The said application is private, thus it can't be distributed through the store. I've heard of Company app distribution, however it's not clear for me whether it requires a developer unlocked phone or not.
Can you tell me how can I get custom apps on WP8.1 phones, without dev unlock?
The link you have shared describes steps to distribute app internally.
For deployment of company apps developer unlocked phone is not required. Once company app is ready for deployment, you need to install .aetx file which is generated form the code signing certificate. .aetx file can be shared to users through mail which can be accessed through phone to install. Once this is installed you can deploy xap by just clicking on the shared xap file. sharing can be through mail, dropbox, or any secure website.
Let me know if more doubt.
I have developed Windows Phone Silverlight application (support 8.0 and 8.1) for my client request. The client is goint to publish the application in WP app store, but first he must check on his phone if everything is OK with the application.
The application was developed with Visual Studio 2013, I've got developer account and own phone assigned to this account on which I have tested the application.
The question is, how can my client install the application on his own phone skipping windows app store? I have sent him builded *.xap file but he had a some problems with installation (Cannot install company application)?
You can submit your app to Windows Phone Store BETA. Your app will by certified quickly, and your client will be able to download it just like any other app from Store. The difference is that it will be visible and possible only for him.
Log in to you DevCenter account, click Submit App. Then, in App info section expand More options and select Beta. Then you can provide your client's mail.
I'm not sure, but I think that the name of the app should not be the same as the final version. So you can name it "My App Beta" to avoid future name conflict with the final version.
One more thing. When your app pass certification process, you have to send the link to the app to your client, because he won't get any notification.
I need help on code signing of my windows store app to deploy to target audience. When i try to change default certificate provided by visual studio at the time of Windows Store 8.1 project creation to my company certificate. Visual studio is throwing error
"The Manifest designer could not import the certificate.The certificate you selected is not valid for signing because it is either expired or has another issue. "
Is there any way for code signing in windows store 8.1 i see most of the blog targeted for windows 8. I need any info targetting in windows 8.1
My end goal is to deploy my windows store (LOB) without any developer license.
The certificate publisher name needs to match the publisher name defined in your app manifest. This means you will likely need to make a new certificate. You can, however, install the new certificate on your devices, including using something like a group policy (if they're all on the same domain).
We were getting that same error when trying to sign our packages with our existing code-signing certs. We resolved the issue by modifying our code-signing certificate template to include the "Basic Constraints Extension".
After changing the template and issuing a new certificate, we were able to sign the windows app package with the new certificate, and install the app on domain computers.
Here is the walkthrough that put us on the right path:
Side Loading Deployment of Windows Store Apps in Enterprises – Step by Step
We didn't exactly follow these steps... all we did was modify our template (as he does) and then requested a new certificate from the old certsrv asp page like we've been doing for years.
We are developing a company app for windows phone 8.
I have followed every step described in Company app distribution for Windows Phone
Here is what I did:
Registered company account
Bought an enterprise certificate from Symantec.
Exported PFX file with private key
Generated Enrollment Token (AETX file) from PFX.
Developed application, built with visual studio and get xap file
generated. (Name it App.xap)
Precompiled managed assemblies and Signed it with certificate using
BuildMDILXap.ps1 powershell script. (All messages indicated success).
Hosted AETX and signed XAP file on our web server.
At this point, when a wp8 phone tries to download XAP file without first installing AETX, The phone gives proper error message: "Before you install this app, you need to add XXXX company account. Contact your company's support person for help".
After installing AETX, when wp8 phone tries to install XAP file, the phone asks for confirmation: "Would you like to install App1 from XXXX?" After clicking "install" button, nothing happens. There is no success message, no error message, no indication of installation, and the application does not show in application list.
I have also tried sending AETX and XAP files over email (in case internet explorer or iis cannot handle file types), same result.
I have also tried doing the same for our company hub app, same result.
As far as I understand, company hub app is just another app (of course for different purpose) and both normal app and hub app can be distributed same way (over web address or email etc), right?
What is wrong? Cannot find the problem here?
Any ideas?
I bet you don't have a proper setup for code signing. One important step that is easy to miss is to install the parent certificates of your enterprise code signing certificate (that you got from Symantec). Specifically, download and import the following two certificates and then try to sign the XAP file again.
https://knowledge.verisign.com/library/VERISIGN/ALL_OTHER/Symantec_Enterprise_Mobile_Root_for_Microsoft.cer
https://knowledge.verisign.com/library/VERISIGN/ALL_OTHER/Symantec_Enterprise_Mobile_CA_for_Microsoft_Cert.cer
It is sad that the signing tool does not report any errors, yet the output is not a correctly signed XAP that WP8 would accept.
If I create an Application Enrollment Token, I will get an aet and aetx file. The aetx file can be send to the phone via mail or can be opened in the web browser and will be installed then. However, I'm unable to uninstall the certificate. There is no option in the phone's settings or during the installation of an aetx.
Is there any way to uninstall a manually installed AET, except resetting the phone to factory settings?
AFAIK there is also no way to see or get extended information like the validation dates of the AET, except you've installed it via a MDM solution. So did any of you succeeded in deletion of the AET manually?
This cannot be done manually! Microsoft says:
After a user enrolls a phone for company app distribution manually by tapping an AET.aetx file on their phone, the phone is automatically enrolled for as long as the certificate is valid (one year). After enrolling for company app distribution by this process, users cannot unenroll their phone by using the phone UI.
Source: http://msdn.microsoft.com/en-us/library/windowsphone/develop/jj206943%28v=vs.105%29.aspx
However if you use the MDM Api to enroll a Phone (like Intune does), and unenroll that phone (either remote or manually) the aet is removed, too.