You have posted in the windows 10 application compatibility forum, since your issue is related to “ClickOnce and Setup & Deployment Projects”. I suggest you ask at the dedicated windows forms forum over here:
Best regards,
sylvia
ClickOnce signing: Is it possible only with SHA256 certificate?
Stavros Dimopoulos
1
Reputation point
I want to sign a ClickOnce application but I cannot make it work, I always get a warning or an error that prevents installation.
I've read some old articles that said that I need both SHA-1 and SHA256 certificates in order to sign a ClickOnce application.
It worked fine for a long time but I cannot make it work any more.
- SHA1 certificates are deprecated
https://learn.microsoft.com/en-us/sysinternals/announce/sha1deprecation - It is difficult to get a SHA-1 from my EV Code Signing Certificate Provider
Is it possible to use ClickOnce nowadays or should I use another installer and rewrite my application?
Windows for business | Windows Client for IT Pros | Devices and deployment | Set up, install, or upgrade
5 answers
Sort by: Most helpful
-
Sylvia Chen (Shanghai Wicresoft Co,.Ltd.) 1,511 Reputation points2020-08-18T08:28:09.923+00:00 -
Sylvia Chen (Shanghai Wicresoft Co,.Ltd.) 1,511 Reputation points
2020-08-21T05:04:22.44+00:00 Just to check if the above reply could be of help, if yes, you may mark useful reply as answer, if not, welcome to feedback.
Best regards,
Sylvia -
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 79%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
AndyNakamura 51 Reputation points2020-11-20T11:11:13.163+00:00 The clickonce forum has been shut down. Users are told to post here.
-
WithinRafael 326 Reputation points Volunteer Moderator2020-12-17T02:45:40.537+00:00 Signtool no longer supports signing of ClickOnce manifests; use Mage instead. However, you may soon hit another problem -- you can't interact with Hardware Security Modules (HSMs) to sign ClickOnce manifests. (HSMs are typically your only option when dealing with EV certificates these days.)
Your best option is to migrate away from ClickOnce. (Sorry.)
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 2%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVM%3C/text%3E%3C/svg%3E)
Vincent Moreau 1 Reputation point2022-02-18T19:58:55.27+00:00 @WithinRafael (HSMs) are not supported since .net 4.7 to sign clickonce manifest as documented here
I just bring back this thread as I had issue with a new certificate and investigating EV.