473,703 Members | 3,315 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Renewing certificates and public key tokens

The certificate we use to sign our assemblies was about to expire, so I contacted Verisign to renew it. The new certificate came, we installed it, we pointed out nightly build at it, the new DLLs got signed, so far so good. The problem is that, when we looked at the with ILDASM, we noticed that the public keys tokens are different from the ones generated by the older certificate.

This is a compatibility problem, of course. It's not possible to issue a bindingRedirect from a version signed with the older certificate to one signed with the new one, since .NET considers them different assemblies, not two versions of the same assembly. Verisign insists that renewed certificates always have different public keys, and this is just how things work, but I can't picture that an unavoidable incompatibility is created every year when certificates expire. What am I (or are they) missing?
Nov 16 '05 #1
1 1711
Why are you using certificates for the SN? Why not just create a .snk and use that? Then you don't have to worry about expire and can use same public key for all versions.

--
William Stacey, MVP
http://mvp.support.microsoft.com

"Mike Schilling" <ms************ *@hotmail.com> wrote in message news:eL******** ******@TK2MSFTN GP14.phx.gbl...
The certificate we use to sign our assemblies was about to expire, so I contacted Verisign to renew it. The new certificate came, we installed it, we pointed out nightly build at it, the new DLLs got signed, so far so good. The problem is that, when we looked at the with ILDASM, we noticed that the public keys tokens are different from the ones generated by the older certificate.

This is a compatibility problem, of course. It's not possible to issue a bindingRedirect from a version signed with the older certificate to one signed with the new one, since .NET considers them different assemblies, not two versions of the same assembly. Verisign insists that renewed certificates always have different public keys, and this is just how things work, but I can't picture that an unavoidable incompatibility is created every year when certificates expire. What am I (or are they) missing?
Nov 16 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
2444
by: Ivan Zuzak | last post by:
Hello. Sorry for crossposting, but i didn't have a better idea as to where to post the question. I'm using certificates to sign and encrypt SOAP messages, using WSE in .Net. I want to do the following: 1) Generate a certificate to the system store. 2) Export the certificate from 1) to a file with only the public key, and then import the file as a certificate into the system store, but on another computer. 3) Export the certificate from...
6
9213
by: Mattia Saccotelli | last post by:
Hi I would like to encrypt data using AES (Rijndael) algorithm, providing as the key the key from a given certificate. Just for testing I'm using the public key.. Shouldn't I use the private key instead of the public one? Is there a way to get it or to use such algorithm with a specified private key from a certificate (which may eventually be on a regular file)?
3
5502
by: Charles Denny | last post by:
I'm trying to call CertFindCertificateInStore to find all certificates in the store that have the Code Signing enhanced key usage. I'm running into problems marshalling the array of OIDs in _CTL_USAGE. I keep getting a "This type can not be marshalled as a structure field." Does anyone have any ideas as to what I'm doing wrong? Here's the code: namespace CertSignTest { using System;
0
334
by: Krishna | last post by:
Well, I got it working when running against my test server (IIS5 W2K svr, I will attach a sample of the code at the bottom of this message), but now I'm connecting to our client (Apache) I'm getting the following error: An unhandled exception of type 'System.Net.WebException' occurred in system.dll Additional information: The underlying connection was closed: Unable to connect to the remote server.
0
1001
by: TimHarris | last post by:
Hi All Can someone write the proper instructions how to install the certificates into the certificate stores. There are lots of people having the same problem. I could find the solution since many days. If I run the AsymmetricEncryption code sample it return with error: Server Unavailable Private key is not available. If I run the AsymmetricEncryption policy sample it return with error: Server Unavailable Referenced Security token...
5
4448
by: | last post by:
Hi all, HttpWebRequest, and SoapHttpClientProtocol both expose a ClientCertificates property, which can hold multiple client certificates, but on the service side, it can only receive one client certificate, since it derives System.Web.Services.WebService class, and it's Context.Request.ClientCertificate is a single HttpClientCertificate object, is there a way to receive all the client certificates that is sent in the request? or does IIS...
2
13029
by: Josef Brunner | last post by:
Hi everybody, my VB.NET (Framework 2.0) client application has to do a HttpWebRequest (for reading web-pages and downloading files) on a web server. The server uses a self-signed certifiacte and the client application should also use a self-signed certificate (of course, signed by the same self-made CA) so we would have an authentication of both directions: the server to the client and the other way round. Is there a way to...
0
2426
by: nomad | last post by:
Hi, I am using HTTPWebRequest to add a client certificate. I am then using HTTPWebRequest to POST xml to a web service which requires the attached client certificate to authenticate with their server certificate. However, I keep getting an error "Unable to connect to remote server". I know I am able to connect to their server and retrieve an XML response as we were able to do this using our old solution (WinHTTP in Visual Basic 6). ...
4
1495
by: GaryDean | last post by:
I posted an earlier message on this subject and received links to some old 1.1 docs that didn't do any good. Since then I fouund a book on WSE 3.0 that tells, in some detail, how to develop a web service client where x.509 certificates are used. I'm using the book "Web Service Security - patterns and practices" from microsoft. (also available free as a pdf MS_WSS_Dec.pdf) On page 141 they tell how to develop a Web Service Client using...
0
8750
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
8662
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
9246
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
1
9005
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
0
8961
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
1
6585
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
5922
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
1
3115
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
3
2058
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.