ClickOnce Settings

Question

ClickOnce Settings

I'm stuck here a bit, I have a .net 3.5 sp1 application that I want to deploy locally to other computers on my network using ClickOnce.

During installation, they receive a warning message that this application belongs to an unknown publisher, etc.

My boss does not want to buy verisgn certificate. He just wants it to be installed and not request error messages.

Is it possible?

Some notes on the Microsoft website suggest that changes have been made in this area.

"ClickOnce application publishers can now opt out of signing and hashing the ClickOnce manifest as they see that they are suitable for their scripts."

thanks

Tim

+6

security clickonce signing

Tim Dec 04 '08 at 11:30

source share

2 answers

Mitchell gilman · Answer 1 · 2008-12-04T14:31:16+0000

Since you are on your own network, you can create your own trusted certificate publisher. To do this, install the certificate authority services on one of your servers and create a code signing certificate. By default, your user computers will not trust the certificate, so follow these steps on each computer:

certmgr.exe -add -c MYRootCertificate.cer -s -r localMachine root

certmgr.exe -add -c MyCodeSigningCert.cer -s -r localMachine TrustedPublisher

Firstly, so that your computers trust your internal CA server (to get rid of the "untrusted publisher" message), and secondly, to trust applications signed with your certificate.

After that, any of your signed applications will work without security warnings.

Jacob Proffitt · Answer 2 · 2009-02-12T19:14:28+0000

The answer to Mitchell is good, but if you do not have an Enterprise Edition server, you cannot configure the templates, and the code signing template is marked as "impossible." This means that you cannot use the certificate in Visual Studio and must have an after-process that signs your manifests.

Now this is a function, not an error, make no mistake. A typical software store does not want developers to sign manifestos for public consumption from Visual Studio. However, I personally in the store where I do , I want this functionality. Fortunately, I was able to find a long way to get the exported pfx key file , which has privileges to sign the code. If you need it, this can be helpful.

ClickOnce Settings

More articles: