“清单XML签名无效”;在客户端计算机上,但在开发人员计算机上工作正常 [英] "Manifest XML signature is not valid" on client machine but works fine on developer computer
问题描述
在工作中,我们有一个ClickOnce应用程序,当客户端尝试安装该应用程序时,它会引发异常:
从文件:/ FILEPATH中读取清单的异常:清单可能无效或无法打开文件。
清单XML签名无效
无法为提供的签名算法创建SignatureDescription。
为解决此问题,我们最终使用了另一个证书文件,并且该文件运行正常(对清单进行了签名)。
但是我们不明白为什么将其安装在开发人员机器上(即使不是与该应用程序一起工作的开发人员)也可以工作,但不适用于客户端计算机吗?
我们没有太多有关如何创建证书或ClickOnce软件包的信息,因为执行证书的人已经走了并且没有离开文档
正在使用的证书没有密码,普通用户没有管理员权限。
来自堆栈溢出问题 清单XML签名无效 ,我可能猜到问题出在,他们是使用创建的项目和证书.NET Framework 4.5,然后将应用程序设置为与.NET Framework 4.0一起运行时,他们没有更改签名算法。但是然后我认为它也对开发人员也不起作用。
您能给我的任何见解将不胜感激。
更新:自Visual Studio 2013 Update 3起已修复。尝试从该VS版本或更高版本发布应用。 p>
上一个答案:
这是因为您的开发人员计算机安装了.NET 4.5,而客户端计算机仅安装了.NET已安装4.0。 .NET 4.0客户端计算机无法读取清单文件,因为它们希望使用SHA-1,而.NET 4.5开发人员计算机可以读取清单文件。
请参见此博客文章其他一些上下文。
此更改是由于以下事实:我们停止了将旧证书作为默认值(SHA-1)使用NetFX4.5可以对清单进行签名,而应使用NetFx4.0运行时无法识别的较新版本(SHA-256)。因此,在解析清单时,4.0运行时会抱怨清单无效。对于旧式框架,当我们尝试在没有目标运行时的盒子上运行ClickOnce应用时,ClickOnce会弹出一条消息告诉用户您需要xxxx.xx运行时才能运行此应用。但是从.NET 4.5开始,如果仅安装了.NET 4.0的包装盒上运行了4.5 ClickOnce应用程序,则该消息会抱怨清单无效。为了解决该问题,您必须在目标系统上安装.Net Framework 4.5。
尝试使用SHA-签名清单1个证书而不是SHA-2证书。
At work we had a ClickOnce application that, when the client would try to install, was throwing the exception:
Exception reading manifest from file:/FILEPATH: the manifest may not be valid or the file could not be opened.
Manifest XML signature is not valid.
SignatureDescription could not be created for the signature algorithm supplied.
To solve this, we ended up using another certificate file, and it worked fine (resigned the manifest).
But we can not understand why it would work to install the application in the developers machines (even developers that were not working with the application), but it would not work for the clients' machines?
We don't have much information on how the certificates were created or the ClickOnce package, because the person that did it is gone and didn't leave documentation about it.
The certificate that was being used didn't have a password and normal users do not have administrator rights.
From Stack Overflow question Manifest XML signature is not valid, I could guess that the problem maybe was that they created the project and certificate with .NET Framework 4.5 and then when they set the application to run with .NET Framework 4.0, they didn't change the signature algorithm. But then I would asume it shouldn't work for the developers either.
Any insight you could give me would be greatly appreciated.
Update: This is fixed as of Visual Studio 2013 Update 3. Try publishing your app from that version of VS or later.
Previous answer:
It's because your developer machine had .NET 4.5 installed, while your client machines only had .NET 4.0 installed. The .NET 4.0 client machines can't read the manifest, as they expect SHA-1, while the .NET 4.5 developer machines can.
See this blog post for some additional context.
This change is due to the fact that we stopped using legacy certificates as default (SHA-1) in NetFX4.5 to sign manifest and instead, use newer version (SHA-256), which is not recognized by NetFx4.0 runtime. Therefore, while parsing the manifest, 4.0 runtime complains of an invalid manifest. For legacy frameworks, when we try to run a ClickOnce app on a box that does not have targeted runtime, ClickOnce pops up a message to user saying "you need xxxx.xx runtime to run this app". But starting .NET 4.5, if a 4.5 ClickOnce app is run on the box with only .NET 4.0 installed, the message complains about an invalid manifest. In order to resolve the issue, you must install .Net Framework 4.5 on the target system.
Try signing your manifest with a SHA-1 certificate instead of a SHA-2 certificate.
这篇关于“清单XML签名无效”;在客户端计算机上,但在开发人员计算机上工作正常的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
