Now that VS2008 (RTM) is out, I’ve been looking for the ‘solution’ to the problem of re-signing ClickOnce deployed programs with renewed certificates.
This issue is covered in the knowledgebase article: http://support.microsoft.com/?kbid=925521
A fix to this problem was promised for the next version of Visual Studio. I’ve read most all the topics in the VS2008 documentation on ClickOnce and have not received a clear answer as to what has been done or what new ClickOnce deployment technique I should be using to circumvent this issue.
There is, I believe, a new feature spoken of in the help topic: Add a Trusted Publisher to a Client Computer for ClickOnce Applications. This may be the answer because it describes a process that allows the Certificate to be trusted in the organization such that the certificate’s publisher is trusted and the fact that the certificate may have been regenerated (because the old one has expired) is not a factor in the ClickOnce system’s decision-making process to install or update a ClickOnce deployed application. I assume the client must have Framework 3.5 for this to work.
What I’m looking for is a clear statement as to what has been done to address this ClickOnce issue and the steps necessary to implement the solution.
Again, the issue is: ClickOnce applications distributed to multiple client computers within an organization (its Intranet) fail to update if you have deployed an update to the program signed with a renewed certificate (because the old one has expired after, typically, one year). The failure is because “renewing certificates” is really a misnomer in that the certificate is generated anew with new public and private keys but having the same meta-data describing the publisher. So, the certificate outwardly looks the same, but is really not the same. Then ClickOnce sees an assembly that has been updated and signed with a ‘different’ certificate than the one that signed the assembly currently installed on the client’s computer. This results in a failure of the update because ClickOnce is assuming that it is looking at a “Trojan Horse” assembly.
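
The situation described in the post above, as an added example that is not part of the original post: two certificates that carry the same publisher metadata but different key pairs, and a check that tells a regenerated certificate apart from the one it replaced. The function names and the subject `CN=Contoso Demo Publisher` are hypothetical, and the script assumes PowerShell 7 or Windows PowerShell 5.1 on .NET Framework 4.7.2 or later; the test certificates are constructed in memory only.

```powershell
# Added example; New-DemoCert, Compare-SigningCertificate and the subject are hypothetical names.
function New-DemoCert {
    param([string]$Subject, [DateTimeOffset]$NotBefore, [DateTimeOffset]$NotAfter)
    # Every call generates a fresh RSA key pair, as a "renewal" that re-issues the certificate does.
    $rsa = [System.Security.Cryptography.RSA]::Create(2048)
    $req = [System.Security.Cryptography.X509Certificates.CertificateRequest]::new(
        $Subject, $rsa,
        [System.Security.Cryptography.HashAlgorithmName]::SHA256,
        [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)
    $req.CreateSelfSigned($NotBefore, $NotAfter)
}

function Compare-SigningCertificate {
    param(
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Old,
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$New
    )
    $sameSubject = $Old.Subject -ceq $New.Subject
    $sameKey     = $Old.GetPublicKeyString() -eq $New.GetPublicKeyString()
    $verdict = if ($sameSubject -and $sameKey) {
        'Same publisher metadata and same public key'
    } elseif ($sameSubject) {
        'Regenerated: same publisher metadata, new key pair'
    } else {
        'Different publisher metadata'
    }
    [pscustomobject]@{
        Subject       = $New.Subject
        OldThumbprint = $Old.Thumbprint
        NewThumbprint = $New.Thumbprint
        OldNotAfter   = $Old.NotAfter
        NewNotAfter   = $New.NotAfter
        SameSubject   = $sameSubject
        SamePublicKey = $sameKey
        Verdict       = $verdict
    }
}

# Constructed sample: an expired one-year certificate and its "renewed" replacement.
$now     = [DateTimeOffset]::UtcNow
$subject = 'CN=Contoso Demo Publisher'
$expired = New-DemoCert -Subject $subject -NotBefore $now.AddYears(-1).AddDays(-1) -NotAfter $now.AddDays(-1)
$renewed = New-DemoCert -Subject $subject -NotBefore $now -NotAfter $now.AddYears(1)

Compare-SigningCertificate -Old $expired -New $renewed | Format-List
```

To compare real certificates, load the exported `.cer` files into `X509Certificate2` objects and pass them as `-Old` and `-New`.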