I have been trying to upload my legacy VB6 application to the Microsoft Store. I have purchased and used a valid Code Signing Certificate. In January this was apparently accepted by the store submission process. Since 1st February it rejects my certificate saying that the signing is "weak".
I can only find references to weak vs strong as in "Strong Naming" in relation to submitting from Visual Studio. I cannot find any reference to exactly how I can resolve this problem outside of Visual Studio
I had assumed that running signtool.exe, using a Certificate that chains back correctly to a Certificate Authority accepted by the Microsoft Trust network, would work but the submission is still rejected by the store. I have used signtool verify to confirm that the msi is correctly signed and timestamped as required.
I have been in contact with Microsoft support who seemed to indicate a problem with certain OCX files which are issued and already signed by Microsoft. It may be that I may need to sign every exe, ocx etc (including those from Microsoft themselves) as MD5 is not acceptable and SHA256 is required.
Has anyone recently submitted a legacy msi to the Store successfully using a third-party Code Signing Certificate? Any guidance as to what my next step should be would be welcomed.
David