Solved

Click Once Question

Posted on 2006-06-22
4
327 Views
Last Modified: 2007-12-19
On project properties page, under signing tab, certificate created from VS2005 for C# Win Apps will expire in a year time.
Q: How can I create a permanent certificate or where can I get a permanent one?
0
Comment
Question by:michellechan57
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:boethius78
ID: 16969728
The certificate is only valid for 12 months to limit the effect of your certificate being compromised.  However, as long as the ClickOnce deployment is signed when the certificate is still valid, the application will be allowed to run.

See http://msdn2.microsoft.com/en-us/library/ms172240.aspx for more details.
0
 

Author Comment

by:michellechan57
ID: 16970569
Assuming the best deployment strategy for me is to install from the web due to certain constraint.
What will happen after the certificate becomes invalid?
0
 
LVL 3

Accepted Solution

by:
boethius78 earned 250 total points
ID: 16990479
From MSDN:
>>>
Typically, certificate expiration would mean that you need to re-sign your ClickOnce application every 12 months. Authenticode mitigates the need for this with support for time-stamping. When you sign a ClickOnce deployment using a certificate, ClickOnce records the date and time of the signing and embeds it in the deployment's digital signature. So long as the deployment was signed when the certificate was still valid, ClickOnce will allow the application to run even if the certificate has since expired.
<<<

I'm not an expert on these areas, but I'd take this to mean that as long as the installer is created while the certificate is valid, time stamping will allow installation at any time, whether the certificate is still valid or not.
0
 

Author Comment

by:michellechan57
ID: 17018686
I am not sure what is the impact or risk I face, what I did was - deploy without signing the cert.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Ivo
C# And Nullable Types Since 2.0 C# has Nullable(T) Generic Structure. The idea behind is to allow value type objects to have null values just like reference types have. This concerns scenarios where not all data sources have values (like a databa…
Introduction Although it is an old technology, serial ports are still being used by many hardware manufacturers. If you develop applications in C#, Microsoft .NET framework has SerialPort class to communicate with the serial ports.  I needed to…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now