5

I can successfully sideload an app on my secondary machine by running the PowerShell script generated with app package creation.

However, if I try the friendlier route of double-clicking on the .appx ( or .appxbundle) file, and in that dialog press "Install", I get the following error: 

...installation failed

Ask the developer for a new app package. This package may conflict with a package already installed, or it depends on things that are not installed here (package dependencies) or is made for a different architecture (0x80073CF3).

But here's a twist: if I first install the app via the PowerShell script, subsequent app package updates do successfully install when going the double-click route. So in other words, the very first sideload install requires PowerShell, and subsequent updates can be done with the friendly GUI double-click approach.

My ultimate goal is to allow my users to install my app on a fresh machine, without having to get involved with PowerShell. So I need this GUI sideloading installation to work.

(Note: I'm using VS 2017 15.3.4, both my development machine and target machine are running windows build 15063, and the issue is encountered even when creating a blank UWP app, targeting Creators Update 15063, and no other packages or references being added)

Update

My UWP project is set up to use an official, trusted code signing certificate (not a test certificate).

Update 2 It looks like this issue was resolved with the Fall Creator's Update. After updating both my development machine and the target machine with the FCU, the installation dialog now indicates an additional step in the progress bar: around 19% it says "installing additional frameworks...". After that, it proceeds to "installing app package" and succeeds shortly thereafter.

As an aside, my previous issue (targeting the older Creator's Update) was observed even with a blank app (VS -> Create new UWP app -> Sign with my trusted cert -> Create app package -> Attempt sideload)

Ziyaddin Sadigov
  • 8,893
  • 13
  • 34
  • 41
BCA
  • 7,776
  • 3
  • 38
  • 53
  • You can publish it to store, so you can easily install app on any machine, if you want selected user can install this app , you can use link sharing approach available in dev center. And you should install .appx not .appxbundle – Shubham Sahu Oct 06 '17 at 18:20
  • For some apps, the Windows Store is not appropriate. Hence my question about sideloading. I encounter the same error whether I deploy a `.appx` or a `.appxbundle`. – BCA Oct 06 '17 at 19:59
  • Please share the dependency section of the appxmanifest.xml file in your package. I suspect you are declaring a dependency that isn't present on your system. – Stefan Wick MSFT Oct 22 '17 at 14:54
  • My issue was resolved by updating to the FCU. Whatever my dependencies were, they were those of a brand new, signed UWP app. – BCA Oct 23 '17 at 11:29

2 Answers2

4

Your app package needs to be signed with a certificate that is trusted by the client computer for this to work. This is an important part to ensure trustworthy deployment. Otherwise the client could not be sure about the source of app package, opening the door for malware, adware or ransomware.

The reason it works with the powershell script is because the script installs the test certificate that your package is signed with by Visual Studio. Therefore all subsequent installs via double-click work as well.

Here is the relevant documentation from MSDN:

https://learn.microsoft.com/en-us/windows/uwp/packaging/packaging-uwp-apps

https://learn.microsoft.com/en-us/windows-hardware/drivers/install/installing-test-certificates

Stefan Wick MSFT
  • 13,600
  • 1
  • 32
  • 51
  • Does this part also apply to the client (non-developer) machines: _"You must enable your device for development."_? – Stefan Over Oct 07 '17 at 09:24
  • 1
    Your client machines won't need to enable developer mode. Just make sure that side-loading is enabled (should be by default). – Stefan Wick MSFT Oct 07 '17 at 21:52
  • We have 3 option - 1) Windows Store App 2) Side load App 3) Developer mode and the default is 1). To install the signed appx from the outside of store, you need to change the settings to 2). Off course the administrator of your organization can change the default but the os default is 1). – Mamoru Satoh Oct 10 '17 at 04:16
  • I am not using a test certificate; I am using an official code signing certificate that I purchased from Comodo. Therefore there should be no need to install certificates because COMODO root cert is already on the target machine... correct? – BCA Oct 10 '17 at 12:27
  • Yes correct, if you sign your package with that cert. – Stefan Wick MSFT Oct 10 '17 at 13:28
  • So then, if I'm using an official, trusted cert, then my issue must not be related to certs. So my original question is still unanswered; what is the powershell script doing that double-clicking the app package is not? – BCA Oct 18 '17 at 12:18
  • 2
    Just so I'm clear, sideloading *doesn't* require you to explicitly install the certificate that is bundled alongside the app package (e.g. `MyApp_1.0.3.0_x86_x64.cer`), as long as that machine trusts the root CA that signed it, and the cert path resolves successfully. Am I correct in that? – BCA Oct 18 '17 at 12:23
0

It looks like this issue was resolved with the Fall Creator's Update. After updating both my development machine and the target machine with the FCU, the installation dialog now indicates an additional step in the progress bar: around 19% it says "installing additional frameworks...". After that it proceeds to "installing app package" and succeeds shortly thereafter.

BCA
  • 7,776
  • 3
  • 38
  • 53