GIS Converter - Signing

Question

GIS Converter - Signing

Dani_S 5,581

I need to sign the app.

What is signing ?
Which apps I need to sign ? GisConvert.ConsoleApp , also GisConvert.WpfApp and GisConvert.TestsApp ?
What option of signing I have ?
What is the best practice?
Does signing is one time?
Do I need update it all times?
Can you sign with best option all the needed projects?
Can you give videos, how do you do it, for each project?
Where i see the code of signing in .csproj of the project?
I send you in private the code?

Thanks,

Answer accepted by question author

2 additional answers

Your answer

Answer 1

Harry Vo (WICLOUD CORPORATION) 4,665 Microsoft External Staff Moderator

Hi @Dani_S , sorry for late response, I will show you more detail instruction below:

Step 1: Create a strong-name key (.snk)

Option A: Using Visual Studio

Right-click Solution -> Properties -> Signing
Click New…
Name it (for example): GitConverter.snk
Leave password empty (recommended unless required)

Save (it will be added to your solution)

Option B: Command line (alternative)

sn -k GitConverter.snk(Requires Developer Command Prompt)

Step 2: Enable signing in each project

Right-click project -> Properties
Go to Signing
Check Sign the assembly
Select GitConverter.snk
Save
Repeat for the rest projects.

Step 3: After build, verify:

sn -vf ConsoleApp.dll
sn -vf WpfApp.dll
Expected result: Assembly ... is valid

Note:

Don't commit .snk to public repos
Use one .snk file
You don't have to open the snk file.

Dani_S 5,581 Reputation points

2026-01-08T13:12:35.43+00:00

what about what I did ?
Dani_S 5,581 Reputation points

2026-01-08T13:52:11.7166667+00:00
Hi Harry,

Please see:

https://app.screencast.com/JW3xprpRsyu4z

1.I removed the code from all .csproj from previous post.

<PropertyGroup>

<SignAssembly>true</SignAssembly>

<AssemblyOriginatorKeyFile>GisConverter.snk</AssemblyOriginatorKeyFile>

</PropertyGroup>

2.I have already createdGitConverter.snk in previous post.

3.I did this:

Step 2: Enable signing in each project

Right-click project -> Properties

Go to Signing

Check Sign the assembly

Select GitConverter.snk

Save

Repeat for the rest projects.

4, I did this and is not working:

Step 3: After build, verify:

sn -vf ConsoleApp.dll

sn -vf WpfApp.dll

What to do ?

4.You said :Don't commit .snk to public repos

The file located near solution, how i exclude it from public repos?

Your quick answer will be appreciated.

Thanks a lot.
Harry Vo (WICLOUD CORPORATION) 4,665 Reputation points Microsoft External Staff Moderator

2026-01-09T03:48:27.0966667+00:00

Hi @Dani_S

Make sure you build your solution first, then find the DLLs file location, they might be located somewhere in these paths:

GitConverterEngine\GisConverter\ConsoleApp\bin\Debug\net8.0\ConsoleApp.dll

GitConverterEngine\GisConverter\WpfApp\bin\Debug\net8.0\WpfApp.dll

If it's true, then modify the command like this:

sn -vf "ConsoleApp\bin\Debug\net8.0\ConsoleApp.dll"

sn -vf "WpfApp\bin\Debug\net8.0\WpfApp.dll"If the result says valid, then you done!
Dani_S 5,581 Reputation points

2026-01-09T05:12:28.03+00:00
Hi Harry,

Please look on m I'm using .NET 9.

1.The Console Is valid but GisConverter.WpfApp.dll is not valid, why?

sn -vf "GisConverter.WpfApp\bin\Debug\net9.0-windows\GisConverter.WpfApp.dll"

2.What about GisConvert.TestsApp, no need to check ?

3.What about GisConvert.LIB, no need to check ?

4.Why in all clients I have dll + exe and not only dll ? for example in GisConverter.ConsoleApp:

Thanks a lot.

Your quick answer will be appreciated.
Harry Vo (WICLOUD CORPORATION) 4,665 Reputation points Microsoft External Staff Moderator

2026-01-09T06:20:01.62+00:00

1.The Console Is valid but GisConverter.WpfApp.dll is not valid, why?

The picture said valid, did you mistake somewhere?

2.What about GisConvert.TestsApp, no need to check ?

3.What about GisConvert.LIB, no need to check ?

Did you sign it like the others? If you do, then you can check.

4.Why in all clients I have dll + exe and not only dll ? for example in GisConverter.ConsoleApp:

Well, I believe GisConverter.ConsoleApp is the one that has entry point, like static void Main(..), top-level statements like Program.cs... Without entry point, output cannot be run by itself.

Your project is a console app, right? It will produce exe as entry point to run with dll as IL code used by the exe.

The others don't have exe because they might be Class Library, Shared logic project or Plugin / SDK / NuGet package as they don't need entry point to run.
Dani_S 5,581 Reputation points

2026-01-09T06:45:56.8233333+00:00

Hi Harry,

You said :Don't commit .snk to public repos/

The file located near solution, how I exclude it from public repos?

Your quick answer will be appreciated.

Thanks a lot.
Michael Le (WICLOUD CORPORATION) 10,555 Reputation points Microsoft External Staff Moderator

2026-01-09T07:03:33.5633333+00:00
Navigate to your .gitignore file and add this line:

GisConverter/GisConverter.snk
Dani_S 5,581 Reputation points

2026-01-09T07:49:50.0933333+00:00
1.These the Strong-name sign to all projects (passes successfully)

sn -vf "GisConverter.ConsoleApp\bin\Debug\net9.0\GisConverter.ConsoleApp_1.0.0.0.dll" sn -vf "GisConverter.Lib\bin\Debug\netstandard2.1\GisConverter.Lib.dll" sn -vf "GisConverter.TestsApp\bin\Debug\net9.0\GisConverter.TestsApp.dll" sn -vf "GisConverter.WpfApp\bin\Debug\net9.0-windows\GisConverter.WpfApp.dll"

2.GisConverter.snk

You said: GisConverter/GisConverter.snk

I need to do it in that way: /GisConverter/GisConverter.snk

3.Why I have two rows:

Fody - auto-generated XML schema

FodyWeavers.xsd

/GisConverter/GitConverter.Lib/Aspose.Total.Net.lic

/GisConverter/GisConverter.Lib/Aspose.Total.Net.lic

Thanks a lot,
Michael Le (WICLOUD CORPORATION) 10,555 Reputation points Microsoft External Staff Moderator

2026-01-09T08:12:12.5166667+00:00

2.GisConverter.snk

As long as the file path is correct, either GisConverter/GisConverter.snk or /GisConverter/GisConverter.snk will work, so feel free to use whichever you prefer.

3.Why I have two rows:

Since both lines serve the same purpose, you can remove one.
Dani_S 5,581 Reputation points

2026-01-09T09:04:45.7333333+00:00

Hi Michel and Harry,

Thank you very much for your help.

You are very professionals programmers.

Thank a lot.

Answer 2

Signing the App: Signing an app is a process that involves applying a digital signature to the app package. This signature verifies the identity of the publisher and ensures that the app has not been tampered with since it was signed.
What is Signing?: Signing is a cryptographic operation that verifies the contents and publisher of an app. It is essential for security and trust, especially when distributing apps.
Which Apps to Sign?: You need to sign all your apps that you plan to distribute. In your case, this includes GisConvert.ConsoleApp, GisConvert.WpfApp, and GisConvert.TestsApp.
Options for Signing: You can sign your app using tools like SignTool, which is part of the Windows SDK. You will need a valid code signing certificate, typically in .pfx format.
Best Practices: It is best practice to use a code signing certificate from a trusted certificate authority. Ensure that the subject name of the certificate matches the publisher name in your app's manifest.
Is Signing One-Time?: Signing is not necessarily a one-time process. You may need to re-sign your app if you make changes to it or if the certificate expires.
Do I Need to Update It All Times?: You need to update the signing certificate if it expires or if you change the app significantly.
Can You Sign All Projects?: You can sign all the needed projects using the same code signing certificate as long as it meets the requirements.
Videos for Signing: I cannot provide videos, but you can find many tutorials online that demonstrate how to sign apps using SignTool.
Code of Signing in .csproj: The signing configuration is typically found in the .csproj file under the <PropertyGroup> section, where you can specify the signing options.
Sending Code in Private: I cannot assist with reviewing code or private messages.

For more detailed information on signing app packages, you can refer to the following resources.

Dani_S 5,581 Reputation points

2026-01-07T08:08:02.3633333+00:00

What is signing ? You answer.

Which apps I need to sign ? GisConvert.ConsoleApp , also GisConvert.WpfApp and GisConvert.TestsApp ? I need your help Michel.

What option of signing I have ? I do not want to use SignTool with certificate, is possible?

What is the best practice?You answer

Does signing is one time?You answer

Do I need update it all times?You answer

Can you sign with best option all the needed projects? You answer

Can you give videos, how do you do it, for each project? Please give Video.

Where i see the code of signing in .csproj of the project? You answer
Dani_S 5,581 Reputation points

2026-01-07T08:24:13.89+00:00

Hi Michel,

Please add me video for:

Which apps I need to sign ? GisConvert.ConsoleApp , also GisConvert.WpfApp and GisConvert.TestsApp ? I need your help Michel.

What option of signing I have ? I do not want to use SignTool with certificate, is possible?

Don't change the project.

Answer 3

Harry Vo (WICLOUD CORPORATION) 4,665 Microsoft External Staff Moderator

Hello @Dani_S ,

What is Signing?

Signing in C# projects means adding a cryptographic signature to assemblies or manifests to ensure authenticity, integrity, and unique identity.

Which apps I need to sign ? GisConvert.ConsoleApp , also GisConvert.WpfApp and GisConvert.TestsApp ?

GisConverter.ConsoleApp - Yes
GisConverter.WpfApp - Yes
GisConverter.TestsApp - (optional)

What option of signing I have ?

Strong-Name Signing - Gives your assemblies a unique identity within .NET. Uses a .snk key file.
Authenticode Signing - Signs executables with a digital certificate so Windows trusts them. Prevents "Unknown Publisher" warnings.

What is the best practice?

Apply strong-name signing to all projects using the same .snk file
Apply Authenticode signing only to the final .exe files users run
Always use timestamping when Authenticode signing
Purchase an EV certificate if building trust quickly is important

Where i see the code of signing in .csproj of the project?

This is an example generated by Copilot:

<PropertyGroup>
  <SignAssembly>true</SignAssembly>
  <AssemblyOriginatorKeyFile>YourKey.snk</AssemblyOriginatorKeyFile>
</PropertyGroup>

Does signing is one time? Do I need update it all times?

Strong-name: Yes, one-time setup
Authenticode: Certificate expires annually and must be renewed

Can you sign with best option all the needed projects? Can you give videos, how do you do it, for each project?

Due to Code of conduct, I can't, but you can follow the document below for more detail:

Dani_S 5,581 Reputation points

2026-01-07T10:00:48.2633333+00:00
**Strong-Name Signing =>**Prevents "Unknown Publisher" warnings ?

Which option is better and why: Strong-Name Signing - Gives your assemblies a unique identity within .NET. Uses a .snk key file. Authenticode Signing
Harry Vo (WICLOUD CORPORATION) 4,665 Reputation points Microsoft External Staff Moderator

2026-01-07T10:15:45.83+00:00
Hello @Dani_S ,

**Strong-Name Signing =>**Prevents "Unknown Publisher" warnings ?

Sorry for confusing you. No, Strong-Name Signing does not prevent "Unknown Publisher" warnings.

Strong-Name = Internal .NET assembly identity only

Authenticode = Prevents Windows "Unknown Publisher" warnings (image below)

Which option is better and why

This is not an either/or choice - you should use both:

Strong-Name Signing:

Free

Protects assembly identity

Prevents tampering at .NET level

Required for GAC deployment

Use for: All your assemblies (.dll and .exe)

Authenticode Signing:

Paid (requires certificate)

Builds user trust

Prevents Windows warnings

Shows your company name to users

Use for: Only the final .exe files users run

Recommendation for Your Project:

Strong-name sign: All projects (ConsoleApp, WpfApp, Lib, TestsApp,...)

Authenticode sign: Only GisConverter.ConsoleApp.exe and GisConverter.WpfApp.exe

Priority: Start with Strong-Name (free, easy). Add Authenticode later when you're ready to distribute to users.
Dani_S 5,581 Reputation points

2026-01-07T10:41:47.3433333+00:00
Hi Harry,

OK .

How I add Strong-name sign to all projects (ConsoleApp, WpfApp, Lib, TestsApp,...) Can you please show me a video how is done ? or screenshots?

2.YourKey.snk is a string ?

Is same for all projects (ConsoleApp, WpfApp, Lib, TestsApp,...)?

I can copy these code to csproj to all my projects,

<PropertyGroup> <SignAssembly>true</SignAssembly> <AssemblyOriginatorKeyFile>YourKey.snk</AssemblyOriginatorKeyFile> </PropertyGroup>

4.Can I change it later?

Thanks in advance,
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Harry Vo (WICLOUD CORPORATION) 4,665 Reputation points Microsoft External Staff Moderator

2026-01-07T11:35:07.2266667+00:00
How I add Strong-name sign to all projects

You can also follow this tutorial
https://learn.microsoft.com/en-us/dotnet/standard/assembly/sign-strong-name

YourKey.snk is a string ?

No, YourKey.snk is a filename. It's a binary file containing your cryptographic keys. Replace "YourKey" with whatever you named your file (e.g., "MyGisConverter.snk").

Is same for all projects

Yes! Use the same .snk file for all projects in your solution. This gives them a unified identity.

All your projects should reference the same file:

ConsoleApp → ..\\MyGisConverter.snk

WpfApp → ..\\MyGisConverter.snk

Lib → ..\\MyGisConverter.snk

TestsApp → ..\\MyGisConverter.snk

Can I change it later?

Technically yes, but NOT recommended. Changing the key is a breaking change:

Changes assembly identity

Breaks references in other projects

Requires recompiling everything

Can break deployed applications

Best practice: Choose once and keep it for the lifetime of your product.

Quick verification: After adding to .csproj and rebuilding, check your bin\Debug folder - the assemblies should now be signed.
Dani_S 5,581 Reputation points

2026-01-07T12:27:03.52+00:00
Hi Harry,

1.I did what you said, is it ok?

https://app.screencast.com/O82huJDWTRYhM

2.Please look on the errors:

Errors.txt

3.I removed the content of AssemblyInfo.cs and clean and rebuild and all errors gone?

/

/ Allow the test assembly to access internal types/members for unit testing. // The string must match the test assembly name (default: project name). [assembly: InternalsVisibleTo("GisConverter.TestsApp")]

Is good to remove it?

4.This my ConsoleApp/bin/Debug folder:

How can I see my assemblies are signed ?

Quick verification: After adding to .csproj and rebuilding, check your bin\Debug folder - the assemblies should now be signed.

I open GisConverter.snk file is look like this**:**

Can you explain?

Thanks in advance,
Dani_S 5,581 Reputation points

2026-01-08T02:28:05.9133333+00:00

Hi Harry, In your answer please see in the video of signing code in csoroj of all projects are ok? Is there a meaning where i put this code in csoroj , the order does matter? Thanks
Dani_S 5,581 Reputation points

2026-01-08T09:01:14.9666667+00:00

Hi Harry,

Can you please answer ?

Thanks in advance,
Dani_S 5,581 Reputation points

2026-01-09T09:41:54.6066667+00:00

This the results in .csproj of signing tool of VS in all projects ?
Harry Vo (WICLOUD CORPORATION) 4,665 Reputation points Microsoft External Staff Moderator

2026-01-09T09:46:59.85+00:00

That's mean you signed that project with the key snk.

You can manually add it in the csproj. file to sign the project or the VS will do it for you if you follow step 2 in the accepted answer.
Dani_S 5,581 Reputation points

2026-01-09T09:52:04.01+00:00

Great!!!

Share via

GIS Converter - Signing

Fody - auto-generated XML schema

2 additional answers

Your answer