Signing Page, Project Designer

Article
02/04/2013

Use the Signing page of the Project Designer to sign the application and deployment manifests and also to sign the assembly (strong-name signing).

Notice that the signing of application and deployment manifests is a process distinct from the signing of an assembly, although both tasks are performed on the Signing page.

Also, the storage of key-file information differs for manifest signing and assembly signing. For manifest signing, key information is stored in your computer's cryptographic storage database and the current user's Windows certificate store. For assembly signing, key information is stored only in your computer's cryptographic storage database.

To access the Signing page, select a project node in Solution Explorer, and then, on the Project menu, click Properties. When the Project Designer appears, click the Signing tab.

Application and Deployment Manifest Signing

Sign the ClickOnce manifests
Select this check box to sign the application and deployment manifests with a public/private key pair. For more information about how to do this, see How to: Sign Application and Deployment Manifests.
Select from Store
Allows you to select an existing certificate from the current user's personal certificate store.
Select from File
Allows you to select a certificate from an existing key file.
Create Test Certificate
Allows you to create a certificate for testing purposes.
Timestamp server URL
Specifies the address of a server that timestamps your signature. When you provide a certificate, this external site verifies the time that the application was signed.

Assembly Signing

Sign the assembly
Select this check box to sign the assembly and create a strongly named key file. For more information about signing the assembly by using the Project Designer, see How to: Sign an Assembly (Visual Studio).

This option uses the Al.exe tool provided by the Windows Software Development Kit (SDK) to sign the assembly. For more information about Al.exe, see How to: Sign an Assembly with a Strong Name.
Choose a strong name key file
Specifies a new or existing strongly named key file that is used to sign the assembly. Select <New...> to create a new file by using the Create Strong Name Key Dialog Box. (If you specify a password, a .pfx file is created; if you do not specify a password, an .snk file is created. Select <Browse...> to select an existing key file.
Change Password
Click this button to display the Change Key Password dialog box and change the password of your key file. The password information is stored in current user's Windows certificate store.
Delay sign only
Select this check box to enable delay signing. For more information, see How to: Delay Sign an Assembly (Visual Studio).

Note that a delay signed project will not run and cannot be debugged. You can, however, use the Sn.exe (Strong Name Tool) with the -Vr option to skip verification during development.