
Edge extension sign failed


I'm porting an existing Chrome extension to Microsoft Edge. The extension works when I load it as a temporary extension in Edge.

Now I want to pack and sign it. The package has been generated successfully. But when I try to sign it using the Windows App Certification Kit, it fails with the following error:

Edge extension manifest.json
Error Found: The JSON schema validation test detected the following errors:
Validation failed: Data does not match any schemas from "anyOf"
Schema location: /allOf/1/dependencies/background/anyOf
Manifest location: 
Validation failed for extension manifest: Extension\manifest.json
Impact if not fixed: Microsoft Edge extensions that violate the Windows Store certification requirements can’t be submitted to the Windows Store.
How to fix: Extension’s manifest.json must include valid entries for all required and specified fields. Please resolve the entries and conflicts above.

The commands I use to pack extension:

manifoldjs -l debug -p edgeextension -f edgeextension -m EdgeExtension\manifest.json
manifoldjs -l debug -p edgeextension package Test\edgeextension\manifest\

My manifest file:

{
    "author": "Test",
    "background": {
        "page": "Agent/Ext/bg-loader.html",
        "persistent": false
    },
    "content_scripts": [
        {
            "matches": [
                "<all_urls>"
            ],
            "js": [
                "Agent/Content/contentLoader.js"
            ],
            "run_at": "document_start",
            "all_frames": true
        }
    ],
    "content_security_policy" : "script-src 'self'; object-src 'self'",
    "default_locale" : "en",
    "description": "Test Web Applications Using Google Chrome",
    "name": "Test",
    "permissions": [
        "nativeMessaging",
        "webNavigation",
        "webRequest",
        "webRequestBlocking",
        "tabs",
        "cookies",
        "browsingData",
        "debugger",
        "<all_urls>",
        "notifications",
        "unlimited_storage"
    ],
    "version": "1.0.0.0",
    "-ms-preload": {
        "backgroundScript": "backgroundScriptsAPIBridge.js",
        "contentScript": "contentScriptsAPIBridge.js"
    },
    "minimum_edge_version" : "33.14281.1000.0"
}

Solution

  • With the help of Alexey Sidorov from this thread, I figured out how to sign Edge extensions.

    Note: Please make sure to do the following steps in PowerShell, not the command line.


    1. Create a self signed certificate

    New-SelfSignedCertificate -Type Custom -Subject "CN=Contoso Software, O=Contoso Corporation, C=US" -KeyUsage DigitalSignature -FriendlyName <Your Friendly Name> -CertStoreLocation "Cert:\LocalMachine\My"
    

    You can get your Subject in your App identity at Microsoft Developer site.

    Friendly name can be any string.

    2. Export the certificate

    Check thumbprint:

    Set-Location Cert:\LocalMachine\My
    Get-ChildItem | Format-Table Subject, FriendlyName, Thumbprint
    

    You need a password for exporting due to security reasons.

    $pwd = ConvertTo-SecureString -String <Your Password> -Force -AsPlainText 
    Export-PfxCertificate -cert "Cert:\LocalMachine\My\<Certificate Thumbprint>" -FilePath <FilePath>.pfx -Password $pwd
    

    3. Install the certificate to Trusted Root Certification Authorities.

    Type "Manage computer certificates" in the Start menu and navigate to Trusted Root Certification Authorities\Certificates. Right-click it and choose All Tasks, Import. Follow the wizard to finish importing.

    4. Sign the app using SignTool (The SignTool is installed with Windows 10 SDK. Please make sure it exists in your system PATH)

    Check the Hash Algorithm of your extension:

    Extract AppxBlockMap.xml in your .appx file, check HashMethod:

    <BlockMap xmlns="http://schemas.microsoft.com/appx/2010/blockmap" HashMethod="http://www.w3.org/2001/04/xmlenc#sha256">
    

    The Hash Algorithm is the value after #, for example, #sha256 means you are using SHA256 as Hash Algorithm.

    SignTool sign /fd <Hash Algorithm> /a /f <Path to Certificate>.pfx /p <Your Password> <File path>.appx
    

    5. Now you can install your app by double-clicking it.


    Official References:

    Create a certificate for package signing

    Sign an app package using SignTool
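
The hash-algorithm check in step 4 can be scripted rather than done by extracting AppxBlockMap.xml by hand. The following is an added example, not part of the original answer: the function name `Get-AppxHashAlgorithm` and the sample file name are hypothetical, and the sample package is constructed here so the script runs without a real .appx.

```powershell
# Added example (not from the original answer).
Add-Type -AssemblyName System.IO.Compression
Add-Type -AssemblyName System.IO.Compression.FileSystem

# Hypothetical helper: returns the value for SignTool's /fd option by reading
# the HashMethod attribute of AppxBlockMap.xml inside the package.
function Get-AppxHashAlgorithm {
    param([Parameter(Mandatory)][string]$AppxPath)

    $fullPath = (Resolve-Path -LiteralPath $AppxPath).ProviderPath
    $zip = [System.IO.Compression.ZipFile]::OpenRead($fullPath)
    try {
        $entry = $zip.GetEntry('AppxBlockMap.xml')
        if ($null -eq $entry) { throw "AppxBlockMap.xml not found in $AppxPath" }
        $reader = New-Object System.IO.StreamReader($entry.Open())
        try { [xml]$blockMap = $reader.ReadToEnd() } finally { $reader.Dispose() }
    } finally {
        $zip.Dispose()
    }

    # The algorithm is the fragment after '#', e.g. ...xmlenc#sha256
    $hashMethod = $blockMap.BlockMap.HashMethod
    if ($hashMethod -match '#(?<alg>[A-Za-z0-9]+)$') {
        return $Matches['alg'].ToUpperInvariant()
    }
    # Fail instead of guessing, so a mismatched /fd never reaches SignTool
    throw "Unexpected HashMethod value: '$hashMethod'"
}

# Constructed sample: a stand-in .appx that holds only a block map
$sample = Join-Path ([System.IO.Path]::GetTempPath()) 'sample-constructed.appx'
if (Test-Path -LiteralPath $sample) { Remove-Item -LiteralPath $sample }
$out = [System.IO.Compression.ZipFile]::Open($sample, 'Create')
try {
    $writer = New-Object System.IO.StreamWriter($out.CreateEntry('AppxBlockMap.xml').Open())
    $writer.Write('<BlockMap xmlns="http://schemas.microsoft.com/appx/2010/blockmap" HashMethod="http://www.w3.org/2001/04/xmlenc#sha256"/>')
    $writer.Dispose()
} finally {
    $out.Dispose()
}

$fd = Get-AppxHashAlgorithm -AppxPath $sample
# Print the step 4 command with the detected algorithm filled in
"SignTool sign /fd $fd /a /f <Path to Certificate>.pfx /p <Your Password> <File path>.appx"
```

Point `-AppxPath` at the real package to get the `/fd` value for it; the other placeholders are the ones used in step 4.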