Using Authenticode with a ClickOnce WPF application
Well, no one has jumped on this, but thankfully, I figured it out!
Thanks to this question: "File has a different computed hash than specified in manifest" error when signing the EXE
I was able to edit the project file's XML (Unload the project, then choose "Edit myproject.csproj") and added:
<Target Name="SignOutput" AfterTargets="CoreCompile"><PropertyGroup> <TimestampServerUrl>http://timestamp.comodoca.com/authenticode</TimestampServerUrl> <ApplicationDescription>My Project Friendly Name</ApplicationDescription> <SigningCertificateCriteria>/n MyCertName</SigningCertificateCriteria></PropertyGroup><ItemGroup> <SignableFiles Include="$(ProjectDir)obj\$(ConfigurationName)\$(TargetName)$(TargetExt)" /></ItemGroup><GetFrameworkSdkPath> <Output TaskParameter="Path" PropertyName="SdkPath" /></GetFrameworkSdkPath><Exec Command=""$(SdkPath)bin\signtool" sign $(SigningCertificateCriteria) /d "$(ApplicationDescription)" /t "$(TimestampServerUrl)" "%(SignableFiles.Identity)"" />
I had to move the signtool.exe file into the SDK folder (C:\Program Files (x86)\Microsoft SDKs\Windows\v8.0A\bin, in my case), but after that it worked like a charm!
I hope this helps someone else in the future.