问题描述
在工作中,我们有一个ClickOnce应用程序,当客户端尝试安装该应用程序时,它会引发异常:
为解决此问题,我们最终使用了另一个证书文件,并且该文件运行正常(对清单进行了签名)。
但是我们不明白为什么将其安装在开发人员机器上(即使不是与该应用程序一起工作的开发人员)也可以工作,但不适用于客户端计算机吗?
我们没有太多有关如何创建证书或ClickOnce软件包的信息,因为执行证书的人已经走了并且没有离开文档
正在使用的证书没有密码,普通用户没有管理员权限。
来自堆栈溢出问题 ,我可能猜到问题出在,他们是使用 Framework 4.5,然后将应用程序设置为与.NET Framework 4.0一起运行时,他们没有更改签名算法。但是然后我认为它也对开发人员也不起作用。
您能给我的任何见解将不胜感激。
更新:自Visual Studio 2013 Update 3起已修复。尝试从该VS版本或更高版本发布应用。 p>
上一个答案:
这是因为您的开发人员计算机安装了.NET 4.5,而客户端计算机仅安装了.NET已安装4.0。 .NET 4.0客户端计算机无法读取清单文件,因为它们希望使用SHA-1,而.NET 4.5开发人员计算机可以读取清单文件。
请参见其他一些上下文。
尝试使用SHA-签名清单1个证书而不是SHA-2证书。
At work we had a ClickOnce application that, when the client would try to install, was throwing the exception:
To solve this, we ended up using another certificate file, and it worked fine (resigned the manifest).
But we can not understand why it would work to install the application in the developers machines (even developers that were not working with the application), but it would not work for the clients' machines?
We don't have much information on how the certificates were created or the ClickOnce package, because the person that did it is gone and didn't leave documentation about it.
The certificate that was being used didn't have a password and normal users do not have administrator rights.
From Stack Overflow question Manifest XML signature is not valid, I could guess that the problem maybe was that they created the project and certificate with .NET Framework 4.5 and then when they set the application to run with .NET Framework 4.0, they didn't change the signature algorithm. But then I would asume it shouldn't work for the developers either.
Any insight you could give me would be greatly appreciated.
Update: This is fixed as of Visual Studio 2013 Update 3. Try publishing your app from that version of VS or later.
Previous answer:
It's because your developer machine had .NET 4.5 installed, while your client machines only had .NET 4.0 installed. The .NET 4.0 client machines can't read the manifest, as they expect SHA-1, while the .NET 4.5 developer machines can.
See this blog post for some additional context.
Try signing your manifest with a SHA-1 certificate instead of a SHA-2 certificate.
这篇关于“清单XML签名无效”;在客户端计算机上,但在开发人员计算机上工作正常的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!