Monday, June 30, 2014

Save a few hours of your life, and read this.

I have been using Click Once to deploy rich clients for years, pretty much since it became an available tech. No longer the days of creating self-restarting hard to maintain launcher code in my main method. One of the pain points of it, and albeit for a pretty good reason, was signing the manifest files.

I never used Visual Studio to generate my Click Once packages, this is an annoying feature, much like the “Publish” button for Web Sites that just doesn’t belong in the tool. Sure, those one off little tools/site, “just click publish”

Yes, apparently people do that. And for some reason Microsoft encourages it. I highly recommend you get something like Octopus Deploy to push your websites.

“But what about those Click Once”. It is possible and requires a lot of magic without mage. I don’t want to get into too many details, because it is not easy, and not really the point of this post.

So, I had my Click Once working great from the command line, even had the ability to push it from such tools as Cruise Control.Net, and some other CI systems, however, when Migrating to an agent based system, I started running into problems signing, especially with those classy “self-signed” certificates. The deployments were now compiled on an unknown agent, somewhere in my production environments. Not a horrible thing, but using certs from Local System running applications is never easy.

I probably spent about a month, on and off tossing furniture, replacing furniture, and then trying again, until I realized I wasn’t asking the right question.

Do I have to sign my ClickOnce manifest?

Life just became easier. Well, in .Net 3.5 SP1, and since I am deploying a .Net 4.5 application, life is easier.

**** DISCLAIMER: You should still sign commercial products, this was for an internal application hosted on internal servers that are locked down via security, authenticators, iron bars, and magical pixies with pitch forks. You have been warned. ****

No comments: