2

I have an application developed with Visual Studio 2008 and distributed throught ClickOnce. This application is created especially for one client. The network administrator of this company allows me to install this application only with signed executable with a digital certificate. A policy rule will check for the signed certificate on my executable and block otherwise.

My question: do I need to have both setup.exe (ClickOnce) and mysoft.exe (the application installed by this ClickOnce package) signed with a digital certificate?

Thanks.

4

2 回答 2

2

是的,您需要签署这两个文件,但这根本不是问题 - 只是构建脚本中的另一行。

请注意,您还需要在签名上加上时间戳。时间戳服务器地址在 signtool.exe 调用中指定为参数。代码签名证书 (CA) 的颁发者应提供其时间戳服务器的地址,但并非所有 CA 都有时间戳服务器。在任何情况下,您都可以使用 Verisign、Comodo 或 GlobalSign 等大型 CA 的时间戳服务器。

于 2012-06-24T06:50:45.627 回答
1

好文章如何在 ClickOnce 发布之前配置 VisualStudio 以签署应用程序:http ://www.systenics.com/blog/sign-click-once-applications-with-godaddy-code-signing-certificate-and-visual-studio-2012 -通过互联网部署/

首先,需要对 Visual Studio 生成的 setup.exe 引导文件进行签名,然后对应用程序和部署清单进行签名,最后对应用程序可执行文件进行数字签名。

于 2014-03-26T04:54:45.500 回答