I had a strange issue today: I couldn’t open any webpage in the Edge browser on my Windows 10 machine:

The network icon was showing that there was Internet access and a quick check on the command prompt showed that the connection (including name resolution appeared to work fine):

Other browsers such as Firefox (my default browser) and Chrome also worked fine but some other Microsoft applications also didn’t work such as the Microsoft Store:

I had a strange error today using the Desktop App Converter with the parameters given from the Store for Business.

The conversion would fail with the following error:

I’m not sure why this fails as the PackageName is provided by the store and should be valid. An answer on stackoverflow suggested to use a different value for the PackageName parameter and then edit the manifest.

I don’t like this method as manual modifications of the manifest often leads to errors when submitting the application to the store.

So let’s have a look and see why we’re getting this error.

I searched for E_MANIFEST_USE_DEFAULT_VALUE_FAILED in the DesktopAppConverter folder and found 1 occurence in ManifestOps.ps1.

From a look at the code it wasn’t immediately clear where the validation failed so I decided to debug it.

Read the rest of this entry »

I was trying to sign an .appx package that I created with the Desktop App Converter. However signtool returned the following error: Sign returned error: 0x800700C1
For more information, please see http://aka.ms/badexeformat

Sadly signtool doesn’t return more detailed information, even when passing the debug switch:

So what’s going on?

Read the rest of this entry »

Recently I installed a new Windows 10 machine (version 1709 aka Fall Creators Update).

After a while I noticed a problem with the Task Scheduler: when I wanted to open the “Schedule Tasks” option from settings I received the following error message:

The Task Scheduler MMC snapin was empty:

Read the rest of this entry »

When using the Desktop App Converter there’s no need to sign the resulting .appx packages with your own code signing certificate when you submit them to the Store.

However if you want to test the package on a different machine or distribute it to test users you may want to sign the .appx with a certificate.

One option is to use the -sign parameter, in this case the Desktop App Converter generates a code signing certificate and signs the package with it. Although easy to use, it’s not very convenient if you want to distribute the .appx as you need to add the certificate to the Trusted People certificates store (for each user). See Run the Packaged App in the documentation.

If you want to sign the .appx package with a trusted certificate (e.g. issued by a trusted certificate authority such as DigiCert) you need to make sure that you pass the subject (the CN) from your code signing certificate to the Desktop App Converter (using the -Publisher parameter).

Read the rest of this entry »

Just a very quick note here (mostly a note to self) but I had a couple of folder from previous Windows 10 installations named Windows.old Windows.old(1), Windows.old(2) etc.

These folders should be removed when you use Disk Cleanup and select the “Remove previous Windows Installation(s)” option.

However I already did that and for some reasons a subfolder named C:\Windows.old\Users\<username>\AppData\Local\Packages\Microsoft.Windows.Cortana_cw
5n1h2txyewy\LocalState couldn’t be deleted and therefore the parent folder couldn’t be deleted.

I couldn’t delete them with Windows Explorer nor via the cmd prompt or PowerShell. Then I tried to use the \\? prefix and that worked:

I have been working with Microsoft’s Desktop App Converter a lot recently. Even though there’s an option to autosign the resulting package with the -Sign switch I prefer to sign APPX packages myself using signtool.

The reason is that I can send UWP packages to testers for sideloading without requiring them to import the auto generated certificate (which is different on each (re)build).

However I always forget the exact path to signtool.exe (this comes with the Windows SDK).

The Windows 10 SDK is installed by default in C:\Program Files (x86)\Windows Kits\10.

Signtool.exe will be in the folder<sdkpath>\bin\<version>\<platform>\signtool.exe.

As there are multiple version of Windows 10 there are multiple version of the SDK and you can install those concurrently.

But then I found the PowerShell cmdlet Resolve-Path which “Resolves the wildcard characters in a path, and displays the path contents”.

This does exactly what I need:

Wow, Resolve-Path is a perfect example of the many hidden gems in PowerShell!

So I decided to wrap signtool.exe in a PowerShell cmdlet as PowerShell also makes it easy to locate the correct code signing certificate from the certificate store. Read the rest of this entry »

Just a very quick note: I was just installing RAD Studio 10.2.2 when I noticed the installer has an Options button:

So I clicked it to see what options are available and noticed that the "Embarcadero Customer Experience Program" is opted-in by default:

Read the rest of this entry »

This morning I wanted to install the NetScaler patch for the TLS padding vulnerability and of course I made a backup before deploying it.

Note: If you haven’t installed this patch yet I would recommended to do so: see CTX230238 and check out the ROBOT attack -Return Of Bleichenbacher’s Oracle Threat page to check which other products you may have that are vulnerable.

Upon checking the backups (I always download the backup and verify that the archive is intact) I noticed that one of my NetScaler’s uses SHA1 for the password hash whilst the other one uses SHA512:

I thought that this was a little strange as both NetScaler’s are running the exact same build. However one of them (the one that uses SHA512) was reinstalled recently whilst the one using SHA1 has been upgraded.

Read the rest of this entry »