The 0908 SDK has dropped, and I’d like to talk about some of the highlights of this release.

SODA

The big one is SODA, our name for the ability to write non-web-based HealthVault applications. SODA leverages our master/child application infrastructure in a different way, and will provide some nice additional capabilities (I have an app or two that I want to write using it). More details will follow in the near future.

I should note that our current plan is to require SODA apps to deploy with a HealthVault redist package, so that it will be possible for us to service the SDK assemblies through Microsoft Update. We’re working on that but it’s not ready quite yet.

Application Creation

In previous releases, it was a bit cumbersome to create a new application – you had to create the certificate, upload it, copy helloworld, and update the web.config appropriately. We have extended the HealthVault Application Manager to make this easier.

If you just want to clone HelloWorld to try something out, you can choose “Create New HelloWorld Sample”, select VB or C# as your language, decide where your project should live, and you’ll be ready to hit F5 in VS to run the project.

Or, if you want to get fancy, choose “Create New Application”. This does the same thing as the HelloWorld approach, except that it will also create a new application certificate, start the registration process to the application configuration center. Just hit F5, and you’re up and running with your new application.

Certificate Storage

Both of these approaches leverage the new ability to put an application’s certificate on the file store instead of in the certificate store. This should be more convenient in some situations. This is done by adding a key in the web.config file:

<add key="ApplicationCertificateFileName" value="g:\mshealth\Nice App\cert\WildcatApp-3cdc0cea-6008-4c76-9169-36d44c3d63b4.pfx" />

If the certificate has a password, that can be specified with the ApplicationCertificatePassword key.

We do caution that applications should take care not to put the certificate in a web-accessible directory.