Certificates
-
I have many VS 2003 and 2005 (VB) projects being used within our organization. These applications are windows forms based and not web. The applications are click-once based and when I publish updates to the server, the clients can get updated automatically. This all works great until a few months later. When installing the applications the screens warn that the application is not a trusted publisher, but I continue to install past this. The application seems to setup a temporary key/certificate that expires in a few months. When I make a change after the expiration date, I can obtain another temporary certificate from the certificate store for a few more months, but all my click once clients crash because the identity has changed. My boss and his boss say they can buy a certificate for a specific server, but to me that doesn't make sense. Wouldn't you buy a certificate for the company and any application we create can use that certificate no matter where our client is executing the program. I'm hoping someone can point me in the right direction. Confused and not trusted :confused:
Lost in the vast sea of .NET
-
I have many VS 2003 and 2005 (VB) projects being used within our organization. These applications are windows forms based and not web. The applications are click-once based and when I publish updates to the server, the clients can get updated automatically. This all works great until a few months later. When installing the applications the screens warn that the application is not a trusted publisher, but I continue to install past this. The application seems to setup a temporary key/certificate that expires in a few months. When I make a change after the expiration date, I can obtain another temporary certificate from the certificate store for a few more months, but all my click once clients crash because the identity has changed. My boss and his boss say they can buy a certificate for a specific server, but to me that doesn't make sense. Wouldn't you buy a certificate for the company and any application we create can use that certificate no matter where our client is executing the program. I'm hoping someone can point me in the right direction. Confused and not trusted :confused:
Lost in the vast sea of .NET
It is possible for you to create your own internal certificate, dammed if I can find the link though, sorry. Note that you can set the key expiry to 2050 When starting a development step 1 is to include the key. As yours is already deployed you are giong to have to create aand include the new key (set a long expiry date) remove the existing key uninstall ALL clients to get rid of the old version deploy the new version We had a lot of trouble changing keys on an existing app but persevered till the thing did as it was told - good luck
Never underestimate the power of human stupidity RAH
-
It is possible for you to create your own internal certificate, dammed if I can find the link though, sorry. Note that you can set the key expiry to 2050 When starting a development step 1 is to include the key. As yours is already deployed you are giong to have to create aand include the new key (set a long expiry date) remove the existing key uninstall ALL clients to get rid of the old version deploy the new version We had a lot of trouble changing keys on an existing app but persevered till the thing did as it was told - good luck
Never underestimate the power of human stupidity RAH
If you don't have the link, do you remember how you created the certificate. I'm trying to use the makecert.exe utility, but when I use the parameter to specify a store name to put the certificate in, I don't see it using Certmgr.exe or in Visual Studio. I used the syntax below to at least create a file on my system that I could find and try to pull into my application, but I'm having no success. makecert.exe -n "CN=VBAppsCertificate" -e 01/01/2070 -b 01/29/2008 -pe testCert.cer If you remember the process you took to create the certificate please let me know. I appreciate your help. It really sounds like it is a solution to our problem. I'm just not understanding all the Makecert.exe parameters and once I create the certificate I can't seem to find it. Thanks :sigh:
Lost in the vast sea of .NET
-
If you don't have the link, do you remember how you created the certificate. I'm trying to use the makecert.exe utility, but when I use the parameter to specify a store name to put the certificate in, I don't see it using Certmgr.exe or in Visual Studio. I used the syntax below to at least create a file on my system that I could find and try to pull into my application, but I'm having no success. makecert.exe -n "CN=VBAppsCertificate" -e 01/01/2070 -b 01/29/2008 -pe testCert.cer If you remember the process you took to create the certificate please let me know. I appreciate your help. It really sounds like it is a solution to our problem. I'm just not understanding all the Makecert.exe parameters and once I create the certificate I can't seem to find it. Thanks :sigh:
Lost in the vast sea of .NET
This is from the dev in our group who did the work! Method 2 : as requested by Mark :) 1. Create your own certificate and pvKey. using Make Cert run in .NET command prompt makecert -n "CN=SomeName" -pe -b 01/01/2007 -e 12/31/2039 -sv c:\SomeName.pvk c:\SomeName.cer 2. Generate pfx: run in .NET command prompt pvk2pfx.exe -pvk c:\SomeName.pvk -pi password -spc c:\SomeName.cer -pfx c:\SomeName.pfx -po password -f I tested this and applied it to a new window application. need to test this out on actual application and deployment... The advantage of this is we can make use of a single cert for ALL our applications, but we have to do a uninstall for all the existing client and install the app with the new certificate. References : Creating and publish own cert Makecert pvk2pfx Tool I hopwe this helps!
Never underestimate the power of human stupidity RAH
-
This is from the dev in our group who did the work! Method 2 : as requested by Mark :) 1. Create your own certificate and pvKey. using Make Cert run in .NET command prompt makecert -n "CN=SomeName" -pe -b 01/01/2007 -e 12/31/2039 -sv c:\SomeName.pvk c:\SomeName.cer 2. Generate pfx: run in .NET command prompt pvk2pfx.exe -pvk c:\SomeName.pvk -pi password -spc c:\SomeName.cer -pfx c:\SomeName.pfx -po password -f I tested this and applied it to a new window application. need to test this out on actual application and deployment... The advantage of this is we can make use of a single cert for ALL our applications, but we have to do a uninstall for all the existing client and install the app with the new certificate. References : Creating and publish own cert Makecert pvk2pfx Tool I hopwe this helps!
Never underestimate the power of human stupidity RAH
Thanks!!! I followed the steps and created the certificate. I tested it out using a Visual Studio application and it works great! Thanks again :-D
Lost in the vast sea of .NET