ClickOnce,签名清单和证书路径 [英] ClickOnce, signing manifests, and certification paths
问题描述
我正在尝试通过ClickOnce从网站设置应用程序进行部署,显然无法让ClickOnce正确签署清单。
I am attempting to set up an application for deployment via ClickOnce from a website, and apparently am unable to get ClickOnce to correctly sign the manifests.
我通过Thawte获得了证书。为了使用.pfx文件验证一切正常,我创建了一个简单的可执行文件,使用带有/ f开关的SignTool来指定.pfx文件以对其进行签名,然后在测试环境中从Web运行它。询问我是否要运行它的对话框能够正确识别我的公司作为发布者,并在证书详细信息对话框中,在证书路径下,它正确显示:
I obtained a certificate through Thawte. To verify everything was okay with the .pfx file, I created a simple executable, used SignTool with the /f switch to specify the .pfx file to sign it, and then ran it from the web in a test environment. The dialog box asking whether I wanted to run it or not was able to correctly identify my company as the publisher, and in the certificate details dialog, under certification path, it correctly displayed:
Thawte Premium Server CA
Thawte Code Signing CA
My Company LLC
Thawte Premium Server CA
Thawte Code Signing CA
My Company LLC
然后我创建了一个测试应用程序,使用ClickOnce进行部署,选中"在ClickOnce清单上签名"在项目属性中签名选项卡,单击"从文件中选择"按钮,然后选择与上一个测试中使用的文件相同的文件。然后我发布了应用程序,并尝试使用与上一步相同的测试机器进行安装。这一次,询问我是否要运行它的对话框似乎也正确地将我公司识别为发布者,但当我点击公司名称上的热链接时,证书对话框显示"Windows没有足够的信息验证此证书。"在证书路径选项卡上,缺少Thawte的两个条目,它只显示我公司的名称带有黄色警告三角形。
I then created a test application to deploy using ClickOnce, checked 'sign the ClickOnce manifests' on the signing tab in project properties, clicked the 'select from file' button, and chose the same file as used in the previous test. I then published the application and attempted to install it using the same test machine as the previous step. This time, the dialog box asking me whether I wanted to run it or not also seemed to correctly identify my company as the publisher, but when I clicked the hotlink on my company's name, the certificate dialog said "Windows does not have enough information to verify this certificate." On the certification path tab, the two entries for Thawte were missing, and it only showed my company's name with a yellow warning triangle.
我尝试使用mageui的说明手动重复部署过程和演练,并得到了相同的结果 - 在第一个测试用例中工作正常的证书似乎无法在与ClickOnce一起使用时链回到root权限。
I tried repeating the deployment process manually using the instructions for mageui and the walkthrough, and had the same result -- the certificate which worked fine in the first test case seems to be unable to chain back to the root authority when used with ClickOnce.
有没有人看到这样的事情或有任何解决方法/解决方法的想法?
Has anyone seen anything like this or have any ideas for workarounds/fixes?
推荐答案
我也一样Thawte Code Signing CA的问题。
想知道问题的解决方案还是我必须从VeriSing购买证书?
有人在读这个帖子吗?
I am having the same issue with Thawte Code Signing CA.
Wondering is there a resolution to the issue or I have to purchase certificate from VeriSing?
Is anybody reading this thread?
这篇关于ClickOnce,签名清单和证书路径的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
