Reputation: 127
How To Properly Sign And Deploy VSTO Addin
I have developed a vsto excel addin.
this is what i do to deploy it on a new pc.
- copy all the files to local computer/folder
here is my folder structure:
then i added following info to registry:
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Excel\Addins\Bill Generator For Quickbooks]
"Description"="Bill Generator For Quickbooks"
"FriendlyName"="Bill Generator For Quickbooks"
"LoadBehavior"=dword:00000003
"Manifest"="file:///c:\Users\SiamIT-VMW7\Desktop\redist\Bill Generator For Quickbooks.vsto|vstolocal"
then when i run/open excel, it shows following warning window (as the file(s) is not signed). And if i click "install" it does and works as it should
As i like to remove that warning i have signed the manifest and vsto file using mage utility. but excel throws following error if i try to run using signed version ?!?
what i am missing here then? what is the correct approach to avoid that warning window?
thanks in advance
best regards
Upvotes: 1
Views: 1783
Answers (4)
Reputation: 2047
Update 2025: You can now use the .NET Sign CLI tool, which also supports remote signing using Azure Key Vault.
Upvotes: 1
Reputation: 49455
You can see a standard dialog for ClickOnce installers when you try to install a non-signed application. To avoid such dialogs you need to sign the application and deployment manifests. They must be signed with a public/private key pair and signed using Authenticode technology. You can sign the manifests by using a certificate from the Windows certificate store or a key file.
As i like to remove that warning i have signed the manifest and vsto file using maze utility.
Maze is not related to digital signatures. You need to sign your ClickOnce installer with a digital signature from any trusted vendor, see How to: Sign application and deployment manifests for more information.
Also you may find the Deploy an Office solution by using ClickOnce article helpful.
Upvotes: 0
Reputation: 127
After quite some research i found the solution..
that error was showing as i sign both files (the manifest and the vsto) using maze -sign command. but that is not the correct procedure..
1st i need to sign the manifest file using maze -sign command
And then i need to sign the vsto file using maze -update command so that maze can add the signed manifest hash in vsto file so that it can be matched by excel.
here is the example command line codes to sign the manifest:
mage.exe -s "Bill Generator For Quickbooks.dll.manifest" -a sha256RSA -ch [My Certificate Hash] -csp "[My Certificate Service Provider]" -kc [My Certificate Key Container] -TimeStampUri [My Certificate Provider Timestamp URL]
And Here is the example command line codes to sign the vsto file using update command
mage.exe -u "Bill Generator For Quickbooks.vsto" -appmanifest "Bill Generator For Quickbooks.dll.manifest" -a sha256RSA -ch [My Certificate Hash] -csp "[My Certificate Service Provider]" -kc [My Certificate Key Container] -TimeStampUri [My Certificate Provider Timestamp URL]
and when i add this way signed files to the deployment it works nicely!
here is the screenshot how it looks like:
I posted my own answer with a thought that it may helps someone some day :)
Upvotes: 3
Reputation: 66286
The first prompt is always shown by the VSTO system when an addin is installed and used for the very first time. Even if the certificate is trusted.
The second prompt is shown because the the certificates specified in the manifest/vsto/dll files don't match.
Upvotes: 0
Related Questions
- How do I create an Excel (.XLS and .XLSX) file in C# without installing Microsoft Office?
- How and when to use ‘async’ and ‘await’
- What is a NullReferenceException, and how do I fix it?
- How do you convert a byte array to a hexadecimal string, and vice versa?
- Installation of VSTO by adding registry in end user computers
- How to correctly sign VSTO app?
- Does VSTO addin need to add registry entries to Wow6432Node?
- Excel Addin HKLM vsto|vstolocal inactive
- Unable to install a VSTO excel 2003 AddIn