Contents:
- Overview
- Download Certificate
- Installing the Certificate on Windows
- Installing APPX / MSIX Packages
- Installing Unsigned MSIX Bundles
- Removing the Certificate
Overview
delivr.to’s APPX and MSIX test payloads are signed with a self-signed Authenticode certificate (CN=delivr.to). Windows requires the signing certificate to be trusted before it will install these packages.
Rather than extracting the certificate from each package, you can download and install it once from this page.
Certificate details:
| Field | Value |
|---|---|
| Subject | CN=delivr.to |
| Issuer | CN=delivr.to (self-signed) |
| Key | RSA 2048-bit |
| Signature | SHA-256 |
| Validity | 2026-02-23 to 2036-02-21 |
| SHA-256 Fingerprint | E4:D4:81:20:5D:F3:77:AC:E9:8D:60:25:DB:7F:C5:C6:A5:66:D6:C5:B8:D5:E9:5E:9A:08:66:8F:3F:EA:6F:1E |
Download Certificate
Download delivr.to.cer (DER format)
Installing the Certificate on Windows
- Download
delivr.to.cerusing the link above - Double-click the
.cerfile - Click Install Certificate…
- Select Local Machine and click Next
- Select Place all certificates in the following store and click Browse…
- Select Trusted Root Certification Authorities and click OK
- Click Next, then Finish
Alternatively, install via PowerShell (run as Administrator):
Import-Certificate -FilePath delivr.to.cer -CertStoreLocation Cert:\LocalMachine\Root
Note: Because the delivr.to certificate is self-signed (it is both the root and the signer), it must be installed into the Trusted Root Certification Authorities store. Windows requires the root of the signing chain to be trusted there for APPX/MSIX installation. Remove the certificate after testing to avoid leaving a custom root CA installed.
Installing APPX / MSIX Packages
Once the certificate is trusted, install the package by either:
- Double-clicking the
.appxor.msixfile and clicking Install in the App Installer dialog - PowerShell:
Add-AppxPackage -Path test.appx
Removing the Certificate
To remove the certificate after testing:
- Open
certlm.msc(Certificate Manager for Local Machine) - Navigate to Trusted Root Certification Authorities → Certificates
- Right-click the delivr.to certificate and select Delete
Or via PowerShell:
Get-ChildItem Cert:\LocalMachine\Root | Where-Object { $_.Subject -eq "CN=delivr.to" } | Remove-Item