边缘扩展标志失败

Edge extension sign failed

我正在将现有的 Chrome 扩展移植到 Microsoft Edge。 当我在 Edge 中将其作为临时扩展加载时,该扩展有效。

现在要打包签收。包已成功生成。但是当我尝试使用 Windows App Certification Kit 对其进行签名时,它失败并出现以下错误:

Edge extension manifest.json
Error Found: The JSON schema validation test detected the following errors:
Validation failed: Data does not match any schemas from "anyOf"
Schema location: /allOf/1/dependencies/background/anyOf
Manifest location: 
Validation failed for extension manifest: Extension\manifest.json
Impact if not fixed: Microsoft Edge extensions that violate the Windows Store certification requirements can’t be submitted to the Windows Store.
How to fix: Extension’s manifest.json must include valid entries for all required and specified fields. Please resolve the entries and conflicts above.

我用来打包扩展的命令:

manifoldjs -l debug -p edgeextension -f edgeextension -m EdgeExtension\manifest.json
manifoldjs -l debug -p edgeextension package Test\edgeextension\manifest\

我的清单文件:

{
    "author": "Test",
    "background": {
        "page": "Agent/Ext/bg-loader.html",
        "persistent": false
    },
    "content_scripts": [
        {
            "matches": [
                "<all_urls>"
            ],
            "js": [
                "Agent/Content/contentLoader.js"
            ],
            "run_at": "document_start",
            "all_frames": true
        }
    ],
    "content_security_policy" : "script-src 'self'; object-src 'self'",
    "default_locale" : "en",
    "description": "Test Web Applications Using Google Chrome",
    "name": "Test",
    "permissions": [
        "nativeMessaging",
        "webNavigation",
        "webRequest",
        "webRequestBlocking",
        "tabs",
        "cookies",
        "browsingData",
        "debugger",
        "<all_urls>",
        "notifications",
        "unlimited_storage"
    ],
    "version": "1.0.0.0",
    "-ms-preload": {
        "backgroundScript": "backgroundScriptsAPIBridge.js",
        "contentScript": "contentScriptsAPIBridge.js"
    },
    "minimum_edge_version" : "33.14281.1000.0"
}

的 Alexey Sidorov 的帮助下,我想出了如何签署 Edge 扩展。

Note: Please make sure do following steps in PowerShell, not command line.


1. 创建自签名证书

New-SelfSignedCertificate -Type Custom -Subject "CN=Contoso Software, O=Contoso Corporation, C=US" -KeyUsage DigitalSignature -FriendlyName <Your Friendly Name> -CertStoreLocation "Cert:\LocalMachine\My"

您可以在 Microsoft Developer 站点的应用程序标识中获取您的主题。

友好名称可以是任何字符串。

2.导出证书

检查指纹:

Set-Location Cert:\LocalMachine\My
Get-ChildItem | Format-Table Subject, FriendlyName, Thumbprint

出于安全原因,您需要密码才能导出。

$pwd = ConvertTo-SecureString -String <Your Password> -Force -AsPlainText 
Export-PfxCertificate -cert "Cert:\LocalMachine\My\<Certificate Thumbprint>" -FilePath <FilePath>.pfx -Password $pwd

3. 将证书安装到受信任的根证书颁发机构。

在开始菜单中键入 "Manage computer certificates",导航到受信任的根证书 Authorities\Certificates。右键单击它,所有任务,导入按照向导完成导入。

4. 使用 SignTool 对应用程序进行签名(SignTool 随 Windows 10 SDK 安装。请确保它存在于您的系统 PATH 中)

检查您的扩展程序的哈希算法:

在你的 .appx 文件中提取 AppxBlockMap.xml,检查 HashMethod:

<BlockMap xmlns="http://schemas.microsoft.com/appx/2010/blockmap" HashMethod="http://www.w3.org/2001/04/xmlenc#sha256">

哈希算法是#之后的值,例如#sha256表示您正在使用SHA256作为哈希算法。

SignTool sign /fd <Hash Algorithm> /a /f <Path to Certificate>.pfx /p <Your Password> <File path>.appx

5.现在您可以双击安装您的应用程序了。


官方参考资料:

Create a certificate for package signing

Sign an app package using SignTool