ClickOnce - can I add a code signing certificate to my existing deployment?
Let's say we have version 2.0 of an app deployed to about 3000 users already running the app.
So far, the app has been unsigned (signed by some auto-generated certificate from VS).
Users are using .NET 2.0.
Now we would like to deploy a new version that will be signed using a certificate from tucows. One of the answers below indicates that if we are targeting the .NET Framework 2.0, changing the code signing certificate will "break" the identity of the application. What does it mean?
How do I add a new code signing certificate to an existing deployment?
It is not possible to notify all users to reinstall the app from scratch (or from a new URL).
(EDIT: This was a previous requirement, not valid now:
I would like to make sure that existing users won't be able to see the update at all (they shouldn't be notified when a new version is available) and all new users will get a signed version when they install for the first time. Just signing the deployment shouldn't be a cause for concern for existing users.)
I just found a great post explaining the problem in detail:
This applies to both changing a certificate from a temporary to a trusted certificate provider as well as expired certificates.
They may receive the following error: Deployment ID does not match subscription.
The solution should also allow .NET 2.0 users to reinstall the entire clickonce application, which is not possible. Another solution is to promote .NET 3.5 SP1 as a prerequisite which triggers a reinstall anyway and is a huge download.
Link: http://social.msdn.microsoft.com/Forums/en/winformssetup/thread/1217520d-6dc4-4fb1-83d1-0fa148d60e5d
App breaking in the case of .NET 2.0 means existing users will receive an error when installing the update, or they won't see the update at all.
He links to a post including source code that can fix the app for .NET 2.0 users: http://robindotnet.wordpress.com/2009/03/30/clickonce-and-expiring-certificates/
The renewal process consists of re-signing an interim update with a certificate with the same key as the expiring certificate, publishing an intermediate update that removes the application and forces the new version.
Very painful!
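One way to enforce the "same key" requirement from that renewal process before re-signing anything, as an added PowerShell example that is not part of the linked post or of this thread: it compares the public key of the expiring certificate with the renewal certificate (the thumbprints will differ, the key must not), and only then re-signs the application manifest, updates the deployment manifest to reference it, and re-signs that too with mage.exe. The file names (old.pfx, new.pfx, MyApp.application, MyApp.exe.manifest) are assumptions.

```powershell
# Added example (not from the original thread). Assumed inputs: old.pfx (the expiring
# certificate), new.pfx (the renewal candidate) and the two published ClickOnce manifests.
param(
    [string]$OldPfx = '.\old.pfx',
    [string]$NewPfx = '.\new.pfx',
    [string]$DeploymentManifest = '.\MyApp.application',
    [string]$ApplicationManifest = '.\MyApp.exe.manifest'
)

# Convert a SecureString to plain text only for the moment it is needed by mage.exe
function ConvertTo-PlainText {
    param([System.Security.SecureString]$Secure)
    $bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($Secure)
    try { [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr) }
    finally { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) }
}

# ClickOnce on .NET 2.0 ties the application identity to the signing public key,
# so a renewal certificate must carry the same key; a different thumbprint is fine.
function Test-SameSigningKey {
    param(
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Old,
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$New
    )
    return $Old.GetPublicKeyString() -eq $New.GetPublicKeyString()
}

$oldPassword = Read-Host -AsSecureString "Password for $OldPfx"
$newPassword = Read-Host -AsSecureString "Password for $NewPfx"

$oldCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
    -ArgumentList $OldPfx, (ConvertTo-PlainText $oldPassword)
$newCert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
    -ArgumentList $NewPfx, (ConvertTo-PlainText $newPassword)

Write-Host "Old cert: $($oldCert.Subject) thumbprint $($oldCert.Thumbprint) expires $($oldCert.NotAfter)"
Write-Host "New cert: $($newCert.Subject) thumbprint $($newCert.Thumbprint) expires $($newCert.NotAfter)"

if (-not (Test-SameSigningKey -Old $oldCert -New $newCert)) {
    Write-Error "Public keys differ: re-signing with $NewPfx would change the ClickOnce identity for .NET 2.0 clients. Stopping."
    exit 1
}

# Re-signing the application manifest changes its hash, so the deployment manifest
# must be updated to reference the new application manifest and then re-signed itself.
$plain = ConvertTo-PlainText $newPassword
& mage.exe -Sign $ApplicationManifest -CertFile $NewPfx -Password $plain
& mage.exe -Update $DeploymentManifest -AppManifest $ApplicationManifest
& mage.exe -Sign $DeploymentManifest -CertFile $NewPfx -Password $plain
$plain = $null

Write-Host "Manifests re-signed with a certificate carrying the same public key."
```

Run it from a Visual Studio developer prompt so that mage.exe is on the path. The key comparison is the whole point: a certificate from a commercial CA will normally have a freshly generated key pair, and in that case the script refuses to sign, because that is exactly the identity change the answers above warn about for .NET 2.0 users.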
Yes, this will work 100%. The new signing will of course have an effect if the program is downloaded again. Signing should not affect users with the current version, although only if the program is downloaded / updated.
If you have an automatic update, they will get it, however this is a reason for existing users' errors, as it shows that your application is now more secure because they know it is now coming from you.
As Kyle said, it will work if you're careful. (and of course post the same version)
Warning. Existing users must have at least .NET 3.0 SP2 or .NET 3.5 SP1.
Cause: Prior to this, the signature was considered part of the application identifier, and changing it would break the application for the installed user base.
But please try all this for yourself, just do it with a mini-project that you keep publishing to a location on your own machine, signing it, etc., between releases.