Create your own .pfx file for ClickOnce

When you use ClickOnce to deploy your application with Visual Studio, a .pfx file is automatically generated by default.

When you want to use Authenticode signing, you need:

· A public key (.cer file) which is given by a Certificate Authority (trusted third party)
· A private Key (.pvk file) that you generate and you keep confidential

A Personal Information Exchange (pfx file) contains a public key and a private key. You can use it to hash your files (binary, assembly …) and even signed your manifest file for ClickOnce.

If you want to create your own PFX file with your personal information, you have to complete these two steps:

Create your public & private Keys (You will be prompt to define the private key’s password):
makecert.exe -sv MyKey.pvk -n "CN=.NET Ready!!!" MyKey.cer

Create your PFX file from the public and private key
pvk2pfx.exe -pvk MyKey.pvk -spc MyKey.cer -pfx MyPFX.pfx -po toto

Now that you have your PFX file, you can sign your application with mage or mageUI:

With Mage:

Sign the application manifest
mage -sign MyApplication _1_0_0_0\ MyApplication.exe.manifest -CertFile Test.pfx -pwd "toto"
With :
MyApplication _1_0_0_0\ MyApplication.exe.manifest :application manifest
Test.pfx : pfx file (include the private and public keys)
toto= password

Update the deployment manifest with the application manifest
mage -update MyApplication.application –AppManifest MyApplication _1_0_0_0\ MyApplication.exe.manifest
With :
MyApplication.application : deploy manifest
MyApplication _1_0_0_0\ MyApplication.exe.manifest : application manifest

Sign the deployment manifest
mage -sign MyApplication.application -CertFile Test.pfx -pwd "toto"
With :
MyApplication.application : deploy manifest
Test.pfx : pfx file (include the private and public keys)
toto= password

With MageUI:


Or your can define your certificate to sign your ClickOnce manifest in Visual Studio (before deployment):

Now, your application will be deployed with your certificate ;-)

Have Fun !!!