Continuing discussion from mintty/wsltty #63.

• As a signed Appx: Extract wsltty.zip in the cloned wsltty.appx folder. Then run the build.cmd script which make appx and signed it with users own signed certificate. The folder structure of wsltty.zip will be like following:

+---bin
|       cygwin-console-helper.exe
|       cygwin1.dll
|       mintty.exe
|       wslbridge-backend
|       wslbridge.exe
|       
+---usr
    +---share
        +---mintty
            +---lang
            +---themes

But user does need the Windows SDK tools to sign (and may be Build tools). This procedure secures the package installation and user doesn't need to enable Developer mode.

• As a unsigned ZIP: User can download it from release page directly (will be added). Then extract ZIP file and run the command from powershell: Add-AppxPackage -Path <Path_To_AppxManifest.xml> -Register. The folder structure of build folder like following:

+build
|
|   AppxManifest.xml
|   resources.pri
|   
+---Assets
|       
+---bin
|       cygwin-console-helper.exe
|       cygwin1.dll
|       Launcher.exe
|       Launcher.exe.config
|       mintty.exe
|       wslbridge-backend
|       wslbridge.exe
|       wsltty.ico
|       
+---usr
    +---share
        +---mintty
            +---lang
            +---themes

With this procedure user does not need any developer tools but needs to enable Developer mode in Settings. This also is not certified.
Further Details will be added later.

Sounds good... how does it work? Surprised it should be as easy after all the build trouble we've had before. I would be curious about some background.
(Note that I'm offline for a few days now.)

You may think it as a offline-portable installer. Here I explain the difference between the Appx installation and Add-AppxPacakge command.

• With signed AppX package:
  • Pros: Secured with certificate. User can't tamper the package and installed files. Less privileges. Developer mode not required.
  • Cons: Developer has to provide AppX and self-signed Certificate both. Users have to install the certificate before installing the AppX. This process may seem to be boring to users.
• With unsigned unpackaged files (wsltty.zip):
  • Pros: Just run the command Add-AppxPackage -Path <Path_To_AppxManifest.xml> -Register from powershell and installed. Users like this. And also easy to repair, just uninstall and re-install. Developers has not to provide certificates.
  • Cons: Unsecured. Users can tamper files. More privileges. Users have to enable developer mode.

See this article: https://www.howtogeek.com/285410/
About Add-AppxPackage command: https://technet.microsoft.com/en-us/library/hh856048.aspx

I've successfully install wsltty in UWP environment with Add-AppxPackage command without launcher. I'll provide a temporary link to try it. But there are two problems (probably in mintty).

1. mintty can't find the wsltty.ico which has to be appear in mintty window. Add the default wsltty.ico, like mintty.exe --icon .wsltty.ico.
2. mintty can't save its configuration. It shows error ./home/<user_name>/.minttyrc could not saved. So mintty (renamed to wsltty) has to create that ./home/.minttyrc file manually.

I'm getting an error 0x80070005 "Permission denied". Started from an admin-shell.

About the two errors:

1. You could deploy the icon and copy it to usr/share/mintty/icon in the launcher. Or it might be linked in as a resource in the wsltty build, but I'd prefer the lighter option.

2. Wondering about "Saved Pictures"; how does it get in here? Anyway, after starting from an auxiliary place (where it was copied), the configdir should be $APPDATA/wsltty, and since option --configdir is not an option, I'll add that to the implicit configuration triggered by being wsltty.exe.

Have you enable developer mode in settings?
As I said before one can install that unpacked installation process from any folder, so I saved in "Pictures" folder.
There should be no option to launch wsltty for this method. It will be better if wsltty automatically create that folder and file. Like (not real functions, just idea):

GetEnvironment(%UserName%);
CreateFolder(%CurrentFolder%\\home\\%UserName%\\.minttyrc)

For the icon, I'd prefer if you deploy it with the package as described. Please also the new charnames.txt file. I've just uploaded patches for both to the wsltty repository.

About implied --configdir "$APPDATA"/wsltty, I plan to take care of that tomorrow. Also about path conversion (mintty/wsltty#91).

I think I found the best way to handle the --configdir issue. Untested, please check.

About the icon, the launcher sets --icon \"{exePath}\\wsltty.ico\". Would exePath here refer to the target location of copied files? Then wsltty.ico needs to be copied too.

For the deployment without launcher, wsltty.ico would have to be deployed as wsl.ico in the location I indicated.

I said that if you install from install.cmd (i.e. without launcher/appx) you don't need to copy. All happen from execution path as in wsltty.

I've tested latest mintty. But the two errors remains. 1. I've added the wsl.ico in /usr/share/mintty/icon folder but it doesn't appear in mintty window. 2. When I want to save the preferences it shows this error: "Couldn't save options to <box_icon>: No such file or directory". My idea: At first launch, mintty automatically creates the /home/<user_name> folder and .minttyrc file if they are not present.

Do you know details about openssl commands? I've seen an article that .pfx file can be created with openssl commands. That may be replaced with Windows SDK tools. Users may sign Appx with openssl in cygwin (or alternatives).
Here is the article: https://www.ssl.com/how-to/create-a-pfx-p12-certificate-file-using-openssl/

I once created a pgp key with openssl and it was such a nightmare to find out how it works inmidst the vast poorly structured documentation that I do not feel like repeating that experience. I have the impression you are quite good at investigating such procedures. If the whole signing could be done with openssl that would indeed be great; I do not know it.

Closing this issue after the signed appx package has been launched.
About openssl signing, you may open another issue if you like, or just find out...

Actually, the page you linked to explains how to create a .pfx, not how to create a .cer which is needed first.