次の方法で共有


Create your own .pfx file for ClickOnce

When you use ClickOnce to deploy your application with Visual Studio, a .pfx file is automatically generated by default.

Reminder:
When you want to use Authenticode signing, you need:

· A public key (.cer file) which is given by a Certificate Authority (trusted third party)
· A private Key (.pvk file) that you generate and you keep confidential

A Personal Information Exchange (pfx file) contains a public key and a private key. You can use it to hash your files (binary, assembly …) and even signed your manifest file for ClickOnce.

If you want to create your own PFX file with your personal information, you have to complete these two steps:

Create your public & private Keys (You will be prompt to define the private key’s password):
makecert.exe -sv MyKey.pvk -n "CN=.NET Ready!!!" MyKey.cer

Create your PFX file from the public and private key
pvk2pfx.exe -pvk MyKey.pvk -spc MyKey.cer -pfx MyPFX.pfx -po toto

Now that you have your PFX file, you can sign your application with mage or mageUI:

With Mage:

Sign the application manifest
mage -sign MyApplication _1_0_0_0\ MyApplication.exe.manifest -CertFile Test.pfx -pwd "toto"
With :
MyApplication _1_0_0_0\ MyApplication.exe.manifest :application manifest
Test.pfx : pfx file (include the private and public keys)
toto= password

Update the deployment manifest with the application manifest
mage -update MyApplication.application –AppManifest MyApplication _1_0_0_0\ MyApplication.exe.manifest
With :
MyApplication.application : deploy manifest
MyApplication _1_0_0_0\ MyApplication.exe.manifest : application manifest

Sign the deployment manifest
mage -sign MyApplication.application -CertFile Test.pfx -pwd "toto"
With :
MyApplication.application : deploy manifest
Test.pfx : pfx file (include the private and public keys)
toto= password

With MageUI:

 

Or your can define your certificate to sign your ClickOnce manifest in Visual Studio (before deployment):

Now, your application will be deployed with your certificate ;-)

Have Fun !!!

Comments

  • Anonymous
    April 02, 2007
    This article really made my day :) Thanks!!

  • Anonymous
    June 04, 2007
    Merci bien Maxime, c'était parfait!

  • Anonymous
    September 23, 2007
    Based on a recent inquiry, I have compiled the following, simple How-To on digitally signing Vista Sidebar

  • Anonymous
    October 17, 2007
    Just Wow, Gr8 work

  • Anonymous
    January 24, 2008
    I want To change the formula from jpg to pfx

  • Anonymous
    May 22, 2008
    How to increase the expire date of the pfx file

  • Anonymous
    June 01, 2008
    This is required for testing purpose. Required for development.

  • Anonymous
    June 06, 2008
    Thank you for this great article. It really helped me resolve my isssue... THanks.

  • Anonymous
    July 08, 2008
    I hope you haven't gotten sick of people thanking you yet, but... THANK YOU! I spent the last few hours trying to understand the MSDN, and then I stumbled over this blog which answered everything. You're awesome.

  • Anonymous
    August 22, 2008
    I see that in your example, you set the X509name to "CN=.NET Ready!!!".  Ok, but what does it mean?  I've looked around and I get some vague answers like from Wikipidia: "Its subject contains many personal details, but the most important part is usually the common name (CN), as this is the part that must match the host being authenticated." (http://en.wikipedia.org/wiki/X.509) But how is it matched? Giving some other examples I've seen, it looks like that string can be anything anyway.  So why even bother?

  • Anonymous
    August 22, 2008
    I see that in your example, you set the X509name to "CN=.NET Ready!!!".  Ok, but what does it mean?  I've looked around and I get some vague answers like from Wikipidia: "Its subject contains many personal details, but the most important part is usually the common name (CN), as this is the part that must match the host being authenticated." (http://en.wikipedia.org/wiki/X.509) But how is it matched? Giving some other examples I've seen, it looks like that string can be anything anyway.  So why even bother?

  • Anonymous
    August 27, 2008
    Someone can send me the pvk2pfx.exe i've lost from my drive to dcolumbich@hotmail.com. Thank you.

  • Anonymous
    November 10, 2008
    Someone can send me the pvk2pfx.exe to bobkoalexander@gmail.com. Thank you.

  • Anonymous
    November 12, 2008
    All good, but now how can you keep you chaining intact. the p7b aka PCKS#7 file contains chaining information. The method of signing you just described doesnt accomidate chaining. Any ideas people?

  • Anonymous
    November 26, 2008
    Remark : If you’re not using FinalBuilder but plain MSBuild, you can most likely benefit from the tutorial

  • Anonymous
    December 29, 2008
    nice post. what i have been searching for. Keep it up!

  • Anonymous
    January 01, 2009
    I wonder why MSDN cannot be less confusing. Thanks.

  • Anonymous
    May 04, 2009
    Thank you for information that is simple and to the point. I like your example, not too much but it fully illustrates the process well! Thank you again!

  • Anonymous
    July 22, 2009
    am from india......ur article is really helpful.......thanks for online chat help.....

  • Anonymous
    February 15, 2010
    You explained it in very simple and useful way Thanks very much. It helped me lot

  • Anonymous
    March 25, 2010
    i want a pfx file, how to create

  • Anonymous
    July 10, 2010
    Can some one send me the pvk2pfx.exe to me. My email id is vinayarali@gmail.com

  • Anonymous
    January 14, 2011
    Thank you so much! Finally someone who could explain how it works.

  • Anonymous
    July 31, 2011
    It's a really useful info.  Thanks.

  • Anonymous
    January 30, 2013
    How can get  max deploy .exe please provide me link

  • Anonymous
    August 15, 2013
    sir  plz  How can get  max deploy .exe please provide me link

  • Anonymous
    August 21, 2013
    how to get tha max deplo.exe provide me the link