Hello,
I recently encountered the expiring certificate issue in VS2005 and would like to get a bit of clarificationas tomy options. I've been reading a number of threads on the net, but a few things are still not clear.
Briefly, the project in question was developed on an XP/VS2005/.Net 2.0 platform using ClickOnce deployment. I was using the default certificate automatically generated by VS2005, which expired on 11/24. When I attempted a recent publish, I received what seems to be the standard error message;
Error 1 Cannot publish because a project failed to build.
Error 2 An error occurred while signing: Failed to sign bin\Debug\app.publish\\setup.exe. SignTool Error: ISignedCode:
ign returned error: 0x80880253
The signer's certificate is not valid for signing.
SignTool Error: An error occurred while attempting to sign: bin\Debug\app.publish\\setup.exe
Coincidentally, the certificate expired during the window of time when I was transitioning from my original XP/VS2005/.Net 2.0 development PC to a new XP/VS2008/.Net 3.5 PC. It was on my first attempt to publish on the new machine that I first encountered the problem. Going back to my old PC, which is still just as it was, an attempt to publish generates the same error. (The project was simply copied to the VS2008 PC after the certificate expired)
In short, I don't care about certificate/signing as this is an internal application used by about 20 people in our department.
Given the above, I am wondering�/strong>
1.) I've read that while signing is mandatory in VS2005, it is optional in VS2008. I've tried, on the VS2008 machine, simply unchecking the "Sign the ClickOnce manifests" box and then publishing, however this generates the same error as above. It appears that since the certificate has already expired, the fact that VS2008 does not require signing will not do me any good at this point. Is this correct?
2.) I've read that I should be able to simply click the "Create Test Certificate" button on the Signing tab and create a new certificate to replace the expired one, after which I should be able to publish and be off and running. Is this correct? If so, does this simply create another of the 'default' certificates, such as the one that was originally created with a one year lifespan?
3.) I've read some about the renewcert solution but users seem to be getting mixed results from using it. Is this a reliable option to renew the expired certificate?
4.) I've read of one workaround whereby you simply change the date on the development PC to a pre-expiration date, publish, and then return your date to normal. Apart from the fact of this being rather clunky, are their any other drawbacks/side-effects of doing this?
5.) Some threads seem to suggest that not only will an expired certificate prevent users from installing new publishings, but it can also prevent the user from running the version of the app currently installed on their PC. Is this correct?
6.) Lastly, some threads seem to indicate that if you can fix the issue with renewcert you are good to go, but if you end up having to install a new certificate that you willalso be obliged to uninstall the original app from all clients before they can successfully install anything published using the new certificate. Is this correct?
Sorry for the long post - I'm just trying to figure out what options I have.
Thank You for any assistance you can offer.
index > ClickOnce and Setup & Deployment Projects > Yet Another Expired Certificate Question(s).