By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
434,949 Members | 2,038 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 434,949 IT Pros & Developers. It's quick & easy.

signer's certificate is not valid for signing (VS2008 windows forms)

P: n/a
<extreme frustration>

I have googled and read about this, but can't seem to get a grip on it.
Apparently I am being coerced into digitally signing applications. Is this
true? What if I don't want to?

The basic question is: If I click the "Create Test Certificate" button on
the Signing tab of the properties for my application so I can publish it,
what happens when I distribute the application?

- Will users be challenged installing the application because they have
to install a certificate?

- Will users be getting scary warnings they don't understand because its
not a 'real' certificate?

- Will users come screaming in one year because the certificate has
expired?

- Will I have to provide new certificates every year to every user
forever?

What the heck is the point of this? I don't see it as a meaningful security
enhancement.

It is useful to be able to sign an application, but it is not something
which should be forced down my throat. Let ME decide if I want to digitally
sign my application!

Background:

After installing VS2008, when I try to publish a vb.net windows application
I get the failure message "The signer's certificate is not valid for
signing."

I unchecked the checkbox "sign the click once manifests" on the signing tab,
but it checks itself. GRR!

</extreme frustration>

Thanks
Bill
Oct 9 '08 #1
Share this Question
Share on Google+
1 Reply


P: n/a
I'm told you can turn off signing with VS2008 Service pack 1.

- Will users be challenged installing the application because they have
to install a certificate?
Yes, but with a cert they can trust your company if they want, preventing
further checks.
>
- Will users be getting scary warnings they don't understand because
its not a 'real' certificate?
Yes
>
- Will users come screaming in one year because the certificate has
expired?
Yes, and will cause problems for existing deployed applications.
- Will I have to provide new certificates every year to every user
forever?
depends on the cert duration.
>
What the heck is the point of this? I don't see it as a meaningful
security enhancement.
User can be sure the application came from the company where the cert
claims, and that the software has not been modified by a differnt party. The
cert can also be revoked if needed.

Eric
"BillE" <be****@datamti.comwrote in message
news:%2****************@TK2MSFTNGP05.phx.gbl...
<extreme frustration>

I have googled and read about this, but can't seem to get a grip on it.
Apparently I am being coerced into digitally signing applications. Is
this true? What if I don't want to?

The basic question is: If I click the "Create Test Certificate" button on
the Signing tab of the properties for my application so I can publish it,
what happens when I distribute the application?

- Will users be challenged installing the application because they have
to install a certificate?

- Will users be getting scary warnings they don't understand because
its not a 'real' certificate?

- Will users come screaming in one year because the certificate has
expired?

- Will I have to provide new certificates every year to every user
forever?

What the heck is the point of this? I don't see it as a meaningful
security enhancement.

It is useful to be able to sign an application, but it is not something
which should be forced down my throat. Let ME decide if I want to
digitally sign my application!

Background:

After installing VS2008, when I try to publish a vb.net windows
application I get the failure message "The signer's certificate is not
valid for signing."

I unchecked the checkbox "sign the click once manifests" on the signing
tab, but it checks itself. GRR!

</extreme frustration>

Thanks
Bill

Oct 9 '08 #2

This discussion thread is closed

Replies have been disabled for this discussion.