ClickOnce fails to load after digital signature expired / renewed

G

George

Recently, i was unable to publish my ClickOnce application because my
Thawte Code Signing certificate had expired. I had renewed it, but
had not yet gotten around to changing it in the project/properties/
signing section of visual studio. I then took the new PVK and SPC
files provided by Thawte (with my renewal) and generated a PFX file
using the utility PVK2PFX supplied by VS2005. I then changed updated
my propject/properties/signing section in VS2005 and used the new PFX
file - which had all the correct info on it. I then did a publish!

Now, existing installs of this ClickOnce application cannot start the
application due to a ClickOnce error. The error builds down to "The
deployment identity does not match the subscription." In googling
this error i have found it explained on Microsoft's website as a known
problem. I am now forced to have 1500 users uninstall / reinstall
the application to move forward... just because my code signing cert
expired.

Does this sound right?

This would mean that Microsoft failed to notice that the lifespan of a
code signing certificate would define the maximum lifespan of a
ClickOnce application. That's disasterous.

Can anyone shed more light on this? Did i do something wrong when i
renewed my certificate with Thawte? How can i avoid this in the
future when my next one expires?

PLEASE HELP
 
D

DBC User

Recently, i was unable to publish my ClickOnce application because my
Thawte Code Signing certificate had expired.   I had renewed it, but
had not yet gotten around to changing it in the project/properties/
signing section of visual studio.   I then took the new PVK and SPC
files provided by Thawte (with my renewal) and generated a PFX file
using the utility PVK2PFX supplied by VS2005.   I then changed updated
my propject/properties/signing section in VS2005 and used the new PFX
file - which had all the correct info on it.  I then did a publish!

Now, existing installs of this ClickOnce application cannot start the
application due to a ClickOnce error.   The error builds down to "The
deployment identity does not match the subscription."   In googling
this error i have found it explained on Microsoft's website as a known
problem.   I am now forced to have 1500 users uninstall / reinstall
the application to move forward... just because my code signing cert
expired.

Does this sound right?

This would mean that Microsoft failed to notice that the lifespan of a
code signing certificate would define the maximum lifespan of a
ClickOnce application.   That's disasterous.

Can anyone shed more light on this?  Did i do something wrong when i
renewed my certificate with Thawte?  How can i avoid this in the
future when my next one expires?

PLEASE HELP

George,

I ran into the same problem. It is a known issue with click once.
Please visit the Miscrosft Click Once forum and it is been discussed
in very detail. This is issue addressed in Orcas. Sorry couldn't be of
more help. In my case I wasn't singing with thrid part certificate as
I knew about this problem. I extended the date of the expiry to a far
future date thus making my certificate not expiring.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top