"Manifest XML signature is not valid"


Solution 1

I had the same problem today. This is how I solved it:

What caused the problem: We created a ClickOnce project using VS2012 and framework 4.5. Then we changed the target framework to 4.0 (client asked to).

The problem is: Framework 4.5 uses the SHA-256 algorithm for the signature, and 4.0 uses SHA-1. When we changed the target framework to 4.0, VS2012 didn't change the algorithm.

Solution: Change the algorithm manually, generating a new certificate.

Go to Project properties -> Signing

You will see the algorithm that is being used in 'Signature Algorithm'. You can create a new test certificate and then you will notice that it changes to 'sha1RSA'.
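The mismatch described in this answer can be checked directly in the published manifest. The following is an added example, not part of the original answer: it lists the algorithms named in the manifest's XML signature and flags any that are not SHA-1. The sample manifest is constructed, and the function names and the `NET40_OK` set are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

DSIG = "http://www.w3.org/2000/09/xmldsig#"
# Assumption taken from the answer above: a .NET 4.0 client expects SHA-1.
NET40_OK = {DSIG + "rsa-sha1", DSIG + "sha1"}

# Constructed sample: trimmed signature block of a .application manifest
# signed the way the answer says a 4.5 project signs (values elided).
SAMPLE_MANIFEST = """<asmv1:assembly xmlns:asmv1="urn:schemas-microsoft-com:asm.v1">
  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
    <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
      <Reference URI="">
        <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <DigestValue>CONSTRUCTED</DigestValue>
      </Reference>
    </SignedInfo>
    <SignatureValue>CONSTRUCTED</SignatureValue>
  </Signature>
</asmv1:assembly>"""


def signed_info_algorithms(manifest_xml):
    """Return (element name, Algorithm URI) pairs from every ds:SignedInfo.

    Accepts str or bytes; pass the file's raw bytes for a real manifest.
    """
    root = ET.fromstring(manifest_xml)
    pairs = []
    # SignedInfo never nests inside itself, so nothing is counted twice.
    for info in root.iter("{%s}SignedInfo" % DSIG):
        for name in ("SignatureMethod", "DigestMethod"):
            for el in info.iter("{%s}%s" % (DSIG, name)):
                pairs.append((name, el.get("Algorithm", "")))
    return pairs


def net40_blockers(manifest_xml):
    """Signature algorithms in the manifest that are not SHA-1 based."""
    return [p for p in signed_info_algorithms(manifest_xml)
            if p[1] not in NET40_OK]


if __name__ == "__main__":
    for name, uri in net40_blockers(SAMPLE_MANIFEST):
        print("%s uses %s (not SHA-1)" % (name, uri))
```

An empty result from `net40_blockers` means the signature block names only SHA-1 algorithms, which is what the 'sha1RSA' setting in the Signing tab should produce.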

Solution 2

Note, I would have added this as a comment, but due to silly Reputation rules, I can only add an answer!


Beware new code signing certificates

I had this problem recently because our Code Signing certificate needed renewal. So, being blind to the fact that Microsoft haven't patched the XP version of Framework 4 to work with SHA2 certificates during ClickOnce deployment, I told all my ClickOnce projects to use the new code signing certificate.

I also do code-based updates of the app rather than just let Microsoft handle it, so that it's a more seamless experience to the end user without them being required to press buttons, and in the style of my app.

However, I hit a bug where my program didn't report the manifest error, instead it just hung (my bad!). In order to get an update out after working until 3am to discover this problem, I had to create a temporary certificate issued by Visual Studio. The problem with that? Code updates are not seamless any more because Microsoft put a stupid dialog up as the publisher is unknown!

So my biggest concern is that yes, OK, XP is not supposedly supported from Monday but that shouldn't mean the Framework 4 shouldn't accept the new certificates if that's what they are pushing to everyone. Microsoft are even actively involved in that push!

The only working answer is as above, you MUST use Visual Studio to create an untrusted temporary certificate, which is ridiculous!!! (I still have hope that maybe I didn't find the correct way to use the new certificate)

Author by

user1506808

Updated on September 14, 2022

Comments

  • user1506808
    user1506808 over 1 year

    OS: Windows 7 64 bit using Visual Studio Pro 2012 with .NET 4.5 installed.

    I used the Publish option within Visual Studio and ensured that I had clicked the Sign the ClickOnce manifest and Sign the Assembly. It will still not run on another computer and says I do not have a valid XML signature. I have pasted the error message below.

    I have also read: "How to move a ClickOnce deployment package", "Do I have to sign my ClickOnce manifest?", "VS2012 .NET 4.0 Clickonce VSTO CryptographicException: SignatureDescription could not be created for the signature algorithm supplied" and several others.

    I need to be able to deploy my program on .NET 4.0 at the minimum and I do not have access to another version of Visual Studio. Thanks in advance!

    Complete error below:


    PLATFORM VERSION INFO
        Windows : 5.1.2600.196608 (Win32NT)
        Common Language Runtime : 2.0.50727.3603
        System.Deployment.dll : 2.0.50727.3053 (netfxsp.050727-3000)
        mscorwks.dll : 2.0.50727.3603 (GDR.050727-3600)
        dfdll.dll : 2.0.50727.3053 (netfxsp.050727-3000)
        dfshim.dll : 4.0.31106.0 (Main.031106-0000)

    SOURCES
        Deployment url : file:///C:/Documents%20and%20Settings/Administrator/Desktop/EatonWizard.application

    ERROR SUMMARY
        Below is a summary of the errors, details of these errors are listed later in the log.
        * Activation of C:\Documents and Settings\Administrator\Desktop\EatonWizard.application resulted in exception. Following failure messages were detected:
            + Exception reading manifest from file:///C:/Documents%20and%20Settings/Administrator/Desktop/EatonWizard.application: the manifest may not be valid or the file could not be opened.
            + Manifest XML signature is not valid.
            + SignatureDescription could not be created for the signature algorithm supplied.

    COMPONENT STORE TRANSACTION FAILURE SUMMARY
        No transaction error was detected.

    WARNINGS
        There were no warnings during this operation.

    OPERATION PROGRESS STATUS
        * [10/10/2012 2:05:02 PM] : Activation of C:\Documents and Settings\Administrator\Desktop\EatonWizard.application has started.

    ERROR DETAILS
        Following errors were detected during this operation.
        * [10/10/2012 2:05:02 PM] System.Deployment.Application.InvalidDeploymentException (ManifestParse)
            - Exception reading manifest from file:///C:/Documents%20and%20Settings/Administrator/Desktop/EatonWizard.application: the manifest may not be valid or the file could not be opened.
            - Source: System.Deployment
            - Stack trace:
                at System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
                at System.Deployment.Application.DownloadManager.DownloadDeploymentManifestDirectBypass(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, SubscriptionState& subState, IDownloadNotification notification, DownloadOptions options, ServerInformation& serverInformation)
                at System.Deployment.Application.DownloadManager.DownloadDeploymentManifestBypass(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, SubscriptionState& subState, IDownloadNotification notification, DownloadOptions options)
                at System.Deployment.Application.ApplicationActivator.PerformDeploymentActivation(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
                at System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)
            --- Inner Exception ---
            System.Deployment.Application.InvalidDeploymentException (SignatureValidation)
            - Manifest XML signature is not valid.
            - Source: System.Deployment
            - Stack trace:
                at System.Deployment.Application.Manifest.AssemblyManifest.ValidateSignature(Stream s)
                at System.Deployment.Application.ManifestReader.FromDocument(String localPath, ManifestType manifestType, Uri sourceUri)
            --- Inner Exception ---
            System.Security.Cryptography.CryptographicException
            - SignatureDescription could not be created for the signature algorithm supplied.
            - Source: System.Security
            - Stack trace:
                at System.Security.Cryptography.Xml.SignedXml.CheckSignedInfo(AsymmetricAlgorithm key)
                at System.Security.Cryptography.Xml.SignedXml.CheckSignatureReturningKey(AsymmetricAlgorithm& signingKey)
                at System.Deployment.Internal.CodeSigning.SignedCmiManifest.Verify(CmiManifestVerifyFlags verifyFlags)
                at System.Deployment.Application.Manifest.AssemblyManifest.ValidateSignature(Stream s)

    COMPONENT STORE TRANSACTION DETAILS
        No transaction information is available.

  • JsAndDotNet
    JsAndDotNet over 10 years
    +1 - Gem! There are a lot of suggestions on the web. For me, this was the answer.
  • Vinzz
    Vinzz about 10 years
    Indeed, very glad to find such a precise info, and so quick
  • BrainSlugs83
    BrainSlugs83 almost 10 years
    Hmm... using 2010 and network 4.0 client profile, Sha256 shows up in my manifest a couple of times (mostly sha1 though) -- seems to show up in all the same places for the old version that worked versus the new version that doesn't work (we renewed our key and some clients have an issue installing it now, not sure why).
  • BrainSlugs83
    BrainSlugs83 almost 10 years
    Hmmm.. I renewed my certificate too -- but my clients that are experiencing this issue are using Windows 7 (x64)...
  • netniV
    netniV over 9 years
    Actually, you can just change a certificate. But that aside, you've obviously missed the point that the last framework on XP doesn't support SHA2 (sha256) certificates despite knowing they were going to remove SHA1 for some time. Thus, within a year, all XP signed apps will no longer work and can not be re-signed.
  • netniV
    netniV over 8 years
    I understand what is being said here, but this isn't an answer. A proper valid certificate can not be applied to Code Signing for under framework 4.0. This is a self-signed certificate that is produced by Visual Studio and produces security warnings when used for deployment to customers. ClickOnce really goes to town in warning users about this, resulting in a lack of confidence in the deployed product. Any properly licensed Code Signing certificate will be SHA256 from now on.