I am using vb.net vs2005 sql server2005
When i publish to a file location, i get this.
Error 55 SignTool reported an error 'Failed to sign bin\Release\MainProject.publish\\setup.exe. SignTool Error: ISignedCode::Sign returned error: 0x80880253
The signer's certificate is not valid for signing.
SignTool Error: An error occurred while attempting to sign: bin\Release\MainProject.publish\\setup.exe
'. MainProject
I have been publishing to a file folder all year without a problem. Apparently there is a certificate that had expired on July 2, 2009.
I dont want to use certificates at all. I just want to be able to re-publish when i make a change, and have my users get that change.
All i want to do is publish to a file folder, and have the users "one click" run the app.
When iuncheck the "Sign theClickOnce manifest" , the process of publishing it re-checks it.
I also uncheck the"Enable ClickOnce Security setting". But the publish funtion also forces a check mark there as well.
It there any way to disable the certificate part of this, so that i can simply publish to a file location and have my users be able to run the app without it expiring in a year or without any certificate involvement at all???????
Thank You
Jerry Cicierega
| | JerryCic Tuesday, July 21, 2009 6:33 PM | You can use makecert to create a test certificate with a date really far in the future (http://msdn.microsoft.com/en-us/library/bfsktky3(VS.80).aspx).
With VS2008 SP1, you won't have to sign your deployments (http://msdn.microsoft.com/en-us/library/che5h906.aspx), so if signing is a major issue, you can upgrade. But if you don't need any of the additional nifty ClickOnce features of 3.5 SP1, I would stick with what you've got and just create a certificate that doesn't expire for a while.
HTH,
Jennifer - Marked As Answer byKira QianMSFT, ModeratorTuesday, July 28, 2009 7:45 AM
-
| | jenlouie Monday, July 27, 2009 7:37 AM | Hi JerryCicï¼?br/>
Signing the manifest is necessary for ClickOnce deployment. VS always check the signing option if you uncheck it. You cannot publish a ClickOnce application without certification. Once the certification is expired, please create a new one.
If you need further help, please feel free to tell me.
Sincerely,
Kira Qian
Please mark the replies as answers if they help and unmark if they don't. | | Kira Qian Thursday, July 23, 2009 3:04 AM | Hi
Thank you for your response.
Is there anyway to create a certificate that lasts forever?
Why does the test certificate expire after one year?
How can i create a non test certificate?
This is all in house deployment. I don't really need any of the certificate security features.
But if i must use them, what is the best way to make the use of certificates as transparent as possible?
Over the next several years, I expect to make many changes to the app and then publishing it. My expectation is that all the users will get the new version the next time they click on the app.
I guess i need to understand the role of the certificate, and how its identity and expiration date impacts the user's experience. I dont want to bump into any surprises a year from now.
If the certificate expires and i dont make any changes to the app, will the user still be able to use the app?
Thank You
Jerry Cicierega
| | JerryCic Saturday, July 25, 2009 4:02 AM | Hi JerryCic,
Though I haven't found any way to create a certificate without expire date. But I found a document talking about the solution to the expired certificate.
http://support.microsoft.com/default.aspx/kb/925521/en-us
Method 2
Uninstall the ClickOnce application that you signed by using the expired certificate. Then, reinstall the updated ClickOnce application that uses the new certificate.
Method 3
Create a command-line assembly that updates the certificate.
I think the method 3 is the possible way to solve the issue without let your users uninstall the application.
Anyway, Visual Studio doesn't offer the way to create a certificate other than test certificate. May be there are some third part tools support to create long expire date certificate.
Sincerely,
Kira Qian
Please mark the replies as answers if they help and unmark if they don't. | | Kira Qian Monday, July 27, 2009 2:32 AM | You can use makecert to create a test certificate with a date really far in the future (http://msdn.microsoft.com/en-us/library/bfsktky3(VS.80).aspx).
With VS2008 SP1, you won't have to sign your deployments (http://msdn.microsoft.com/en-us/library/che5h906.aspx), so if signing is a major issue, you can upgrade. But if you don't need any of the additional nifty ClickOnce features of 3.5 SP1, I would stick with what you've got and just create a certificate that doesn't expire for a while.
HTH,
Jennifer - Marked As Answer byKira QianMSFT, ModeratorTuesday, July 28, 2009 7:45 AM
-
| | jenlouie Monday, July 27, 2009 7:37 AM | A certificate verifies the publisher of an application. If you purchase one from Verisign or thawte (for example), when the user installs the application, it will give your company name instead of saying "unknown publisher". This tends to give customers a warm, cosy feeling. A certificate is also used to digitally sign the deployment, to make sure nobody tampers with it. This ensures that nobody substitutes malicious files for yours, for example. This can be accomplished with either a purchased certificate or a test certificate. If you check out this article on expiring certificates, I think it will provide you with some helpful information. It also has specific instructions on how to create certificates that last as lonas you want them to. http://robindotnet.wordpress.com/2009/03/30/clickonce-and-expiring-certificates/If the certificate expires, the user will still be able to use the application. You can also create a new certificate with the same public key token and extend it if you need to using renewcert (not the one on MSDN -- it doesn't work), which is also explained in this article. If you work in an enterprise environment, a certificate can be created by the people who support the network. If you want more info about that, post back and ask. RobinDotNet
Click here to visit my ClickOnce blog! | | RobinDotNet Wednesday, July 29, 2009 9:39 AM | Hi
Jennifer:
Your answer is the one i was looking for.
Especially the prospect of having control over the determination as to the need for certificate signing in vs2008 sp1.
I have vs2008 but this project is being developed in2005.
All my concerns are now resolved. Thank you!
What if i abandon my project or what if the client terminates our relationship. I asume that if the client adds a new workstation after the certificate expires, that they would not be able to run the software.
Can you imagine me telling my client that after a certain amount of time, he will not be able to use the software?
If the system allows for creating a certificate that expires in 2099 why not just allow one click deploy without signing.
I am glad that vs2008 sp1 allows this.
RobinDotNet
You Say: "If the certificate expires, the user will still be able to use the application." but will they be able to install it on a new computer?
by the way,thank you too for your reply.
And thank you too Kira Qian!
Jerry
| | JerryCic Thursday, July 30, 2009 1:32 AM |
|
index > ClickOnce and Setup & Deployment Projects > One click publishing error 55. I dont want to use certificates at all.