Menu
I have use a valid publisher code signing certificate for signing.
When the user download the setup.exe Windows 8 SmartScreen still alert the user, although the publisher is a valid one.
Now, after installation. Windows 8 SmartSreen will prompt another message "Windows SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk." and the Publisher is Unkown publisher.
Should I sign the assembly too? Why SmartScreen is still prompting when I have the valid certificate?
How can I sign the application exe, not the setup exe?
833
In the Specific target page, select ClickOnce. Enter a path or select Browse to select the publish location. In the Install location page, select where users will install the application from. In the Settings page, you can provide the settings necessary for ClickOnce.
Every ClickOnce application installed on a local computer has a data directory, stored in the user's Documents and Settings folder. Any file included in a ClickOnce application and marked as a "data" file is copied to this directory when an application is installed.
ClickOnce and DirectInvoke in Microsoft Edge | Microsoft Learn. This browser is no longer supported. Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Should I sign the assembly too?
I suspect this is the problem. ClickOnce requires that its manifests are signed (you have no choice), but I don't think there is a requirement to sign the assemblies themselves (as you alluded to), but it's likely that Windows 8 does have this requirement.
Unsigned assemblies can be modified and any referencing assemblies will dutifully load and execute the code within them - no questions asked, hence a malicious entity could replace one or more of your assemblies on disk and compromise your application. ClickOnce allows for users with low system rights to perform tasks they wouldn't otherwise be allowed to perform, because the permission has been (implicitly) granted via the digital certificate (the cert used to sign the ClickOnce manifests which pre-exists on the target machine, or is trusted via a root cert on the target machine). Therefore by not signing the assemblies there is a weak link in the security chain, and it's likely that this has been tightened in Windows 8 (by default).
To sign as assembly see: How to: Sign an Assembly (Visual Studio)
NB. dotNet assembly signing is usually referred to as strong naming (the terms 'signing' and 'strong naming' seem to be used interchangeably in this context).
NB. A strong named assembly can only refer to other strong named assemblies, although they can be signed with different certificates. This might cause a problem if you have references to third party assemblies that are not strong named - this is rare as it is bad practice to release unsigned code, one option there is simply to sign the assembly with your own certifciate using sn.exe
92
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
