Re: signer's certificate is not valid for signing (VS2008 windows forms)
- From: "eschneider" <eschneider.news@xxxxxxxxxxxxxxxxx>
- Date: Thu, 9 Oct 2008 13:20:29 -0500
I'm told you can turn off signing with VS2008 Service pack 1.
- Will users be challenged installing the application because they have
to install a certificate?
Yes, but with a cert they can trust your company if they want, preventing
further checks.
- Will users be getting scary warnings they don't understand because
its not a 'real' certificate?
Yes
- Will users come screaming in one year because the certificate has
expired?
Yes, and will cause problems for existing deployed applications.
- Will I have to provide new certificates every year to every user
forever?
depends on the cert duration.
What the heck is the point of this? I don't see it as a meaningful
security enhancement.
User can be sure the application came from the company where the cert
claims, and that the software has not been modified by a differnt party. The
cert can also be revoked if needed.
Eric
"BillE" <belgie@xxxxxxxxxxx> wrote in message
news:%23k9UfBjKJHA.1156@xxxxxxxxxxxxxxxxxxxxxxx
<extreme frustration>
I have googled and read about this, but can't seem to get a grip on it.
Apparently I am being coerced into digitally signing applications. Is
this true? What if I don't want to?
The basic question is: If I click the "Create Test Certificate" button on
the Signing tab of the properties for my application so I can publish it,
what happens when I distribute the application?
- Will users be challenged installing the application because they have
to install a certificate?
- Will users be getting scary warnings they don't understand because
its not a 'real' certificate?
- Will users come screaming in one year because the certificate has
expired?
- Will I have to provide new certificates every year to every user
forever?
What the heck is the point of this? I don't see it as a meaningful
security enhancement.
It is useful to be able to sign an application, but it is not something
which should be forced down my throat. Let ME decide if I want to
digitally sign my application!
Background:
After installing VS2008, when I try to publish a vb.net windows
application I get the failure message "The signer's certificate is not
valid for signing."
I unchecked the checkbox "sign the click once manifests" on the signing
tab, but it checks itself. GRR!
</extreme frustration>
Thanks
Bill
.
- References:
- Prev by Date: Re: Need a technique to speed up processing
- Next by Date: my usb ports
- Previous by thread: signer's certificate is not valid for signing (VS2008 windows forms)
- Next by thread: my usb ports
- Index(es):
