How to sign a ClickOnce application
Question
I have a ClickOnce application that I built for a client, and I need it to be from a trusted publisher. How do I go about acquiring an Authenticode certificate and sign my application with it? So that when the application is launched, it's from a trusted publisher?
How do I install the certificate? Do I have to install it on my development server or does it matter where I install it?
How does the whole process work? I don't want to spend 3-5 hundred dollars on a certificate, and install something wrong and be out of luck.
Are there good tutorials on purchasing and installing a certificate and signing a ClickOnce application?
1 answers
solution1
18 ACCPTED 2012-03-07 23:27:07
I recently went through this process. A certificate is not that expensive - we got a code-signing certificate for less than a $100.
After you have the certificate, follow the FAQ HOWTO: Code signing how-to * to sign your code (binaries).
After that, you have to go to project properties -> Signing and upload your certificate there as well (it's for ClickOnce). You can skip code signing though and sign ClickOnce only.
ClickOnce requires a certificate for code signing, and others will not work, see ClickOnce Deployment and Authenticode :
For ClickOnce applications, you must have an Authenticode certificate that is valid for code signing; if you attempt to sign a ClickOnce application with another type of certificate, such as a digital e-mail certificate, it will not work.
Jan'18 UPDATE: StartSSL is not trusted anymore, and I did NOT find any free (or similar to what StartSSL was offering) code signing certificates. At the end of the day, I went with ksoftware.net - $84/year for Comodo code-signing certificate (but you need to have DUNS record available for them to check!)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.