When You Cannot Import ‘Windows_TemporaryKey.pfx’

In one of our current projects, I needed to set up our Xamarin.Forms builds on Visual Studio Team Services (VSTS). What stumped me was the following error when I was setting up VSTS for a Universal Windows Platform (UWP) app:

C:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\AppxPackage\Microsoft.AppXPackage.Targets(3516,5): error APPX0105: Cannot import the key file ‘Windows_TemporaryKey.pfx’. The key file may be password protected. To correct this, try to import the certificate manually into the current user’s personal certificate store.

Having never done this before, I consulted StackOverflow (like you do) and found the following Powershell script in a StackOverflow response:

$pfxpath = '.\Windows_TemporaryKey.pfx'
$password = $args[0]

Add-Type -AssemblyName System.Security
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$cert.Import($pfxpath, $password, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]"PersistKeySet")
$store = new-object system.security.cryptography.X509Certificates.X509Store -argumentlist "MY", CurrentUser
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]"ReadWrite")
$store.Add($cert)
$store.Close()

The PowerShell build step gives you the ability for Inline Scripting if you like. Personally, I prefer having it in your repository so you can track changes. Here’s what the build definition looks like:

Make sure the Working folder is pointing to your root folder and run this build step before compiling your solution.

Additionally, if you need to create a new Test Certificate for UWP, open the “Package.appxmanifest” file. Go to the Packages tab, click Choose Certificate, and then click Create Test Certificate. Enter the Publisher Common Name and specify your password.