When you use ClickOnce to deploy your application with Visual Studio, a .pfx file is automatically generated by default.
Reminder:When you want to use Authenticode signing, you need:
· A public key (.cer file) which is given by a Certificate Authority (trusted third party)· A private Key (.pvk file) that you generate and you keep confidential
A Personal Information Exchange (pfx file) contains a public key and a private key. You can use it to hash your files (binary, assembly …) and even signed your manifest file for ClickOnce.
If you want to create your own PFX file with your personal information, you have to complete these two steps:
Create your public & private Keys (You will be prompt to define the private key’s password):makecert.exe -sv MyKey.pvk -n "CN=.NET Ready!!!" MyKey.cer
Create your PFX file from the public and private key pvk2pfx.exe -pvk MyKey.pvk -spc MyKey.cer -pfx MyPFX.pfx -po toto
Now that you have your PFX file, you can sign your application with mage or mageUI:
Sign the application manifestmage -sign MyApplication _1_0_0_0\ MyApplication.exe.manifest -CertFile Test.pfx -pwd "toto"With :MyApplication _1_0_0_0\ MyApplication.exe.manifest :application manifestTest.pfx : pfx file (include the private and public keys)toto= password
Update the deployment manifest with the application manifestmage -update MyApplication.application –AppManifest MyApplication _1_0_0_0\ MyApplication.exe.manifest With :MyApplication.application : deploy manifestMyApplication _1_0_0_0\ MyApplication.exe.manifest : application manifest
Sign the deployment manifestmage -sign MyApplication.application -CertFile Test.pfx -pwd "toto"With :MyApplication.application : deploy manifestTest.pfx : pfx file (include the private and public keys)toto= password
Or your can define your certificate to sign your ClickOnce manifest in Visual Studio (before deployment):
Now, your application will be deployed with your certificate ;-)
Have Fun !!!