I'm trying to automate the build and publish (plus some middle steps) and everything worked fine (it compiles, starts and works as it should, with the manifest and the digital signature that I apply using command line) until I tried to "install" the package using ClickOnce.
I got this very very very strange error:
Reference in the manifest does not match the identity in the downloaded assembly XYZ.application.
The previous one was the same but referring to another file.:
Reference in the manifest does not match the identity in the downloaded assembly XYZ.exe.
(I translated the message from Italian to English so it doesn't match the English version of the error message 100%.)
I've created a batch that uses MSBuild to clean and build, after use mt to embed the manifest and signtool to sign the assembly and, in the end, use Mage to create the manifest for ClickOnce, sign it, update the .application file (I don't use Mage to create it, because I need some stuff that Mage doesn't support) and in the end sign it.
I'm using an in-house certificate for testing (I created the root CA, and I used it to sign another certificate I made ad hoc for signing the application and ClickOnce.)
I'm using Visual Studio 2012 and SDK tools.
Here is my XYZ.application file:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly xsi:schemaLocation="urn:schemas-microsoft-com:asm.v1 assembly.adaptive.xsd" manifestVersion="1.0" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns="urn:schemas-microsoft-com:asm.v2" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xrml="urn:mpeg:mpeg21:2003:01-REL-R-NS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:co.v1="urn:schemas-microsoft-com:clickonce.v1" xmlns:co.v2="urn:schemas-microsoft-com:clickonce.v2">
<assemblyIdentity name="XYZ.application" version="1.0.0.11" publicKeyToken="f685d5914ea12e96" language="it" processorArchitecture="msil" xmlns="urn:schemas-microsoft-com:asm.v1" />
<description asmv2:publisher="AUTHOR" co.v1:suiteName="AUTHOR" asmv2:product="AUTHOR" asmv2:supportUrl="http://help.AUTHOR.net/" co.v1:errorReportUrl="http://support.AUTHOR.net/" xmlns="urn:schemas-microsoft-com:asm.v1" />
<deployment install="true" disallowUrlActivation="true" mapFileExtensions="true" minimumRequiredVersion="1.0.0.11" co.v1:createDesktopShortcut="true">
<subscription>
<update>
<expiration maximumAge="1" unit="days" />
</update>
</subscription>
<deploymentProvider codebase="http://www.AUTHOR.net/app/XYZ.application" />
</deployment>
<dependency>
<dependentAssembly dependencyType="install" codebase="Application Files\XYZ_1_0_0_11\XYZ.exe.manifest" size="17032">
<assemblyIdentity name="XYZ.exe" version="1.0.0.11" publicKeyToken="f685d5914ea12e96" language="neutral" processorArchitecture="msil" type="win32" />
<hash>
<dsig:Transforms>
<dsig:Transform Algorithm="urn:schemas-microsoft-com:HashTransforms.Identity" />
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<dsig:DigestValue>7YuwliwCxwoquWp3EQf90NMXbg4=</dsig:DigestValue>
</hash>
</dependentAssembly>
</dependency>
<compatibleFrameworks xmlns="urn:schemas-microsoft-com:clickonce.v2">
<framework targetVersion="4.5" profile="Full" supportedRuntime="4.0.30319" />
</compatibleFrameworks>
<publisherIdentity name="..." issuerKeyHash="..." /><Signature Id="StrongNameSignature" xmlns="http://www.w3.org/2000/09/xmldsig#">...SIGNATURE STUFF REMOVED...</Signature></asmv1:assembly>
Here there is the publish.bat batch file (it is not the entire file, just the important stuff).
CALL "C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\vcvarsall.bat"
SET PROJECT_NAME=XYZ
SET PROJECT_VERSION=1.0.0.11
SET PROJECT_CSPROJ=%PROJECT_NAME%.csproj
SET PROJECT_PLATFORM=AnyCPU
SET PROJECT_CONFIGURATION=ReleaseForPublish
SET SDK_DIR=C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1A\Bin
SET PROJECT_DIR=PATH_TO_PROJECT_DIR
SET PROJECT_BUILDDIR=%PROJECT_DIR%\bin
SET PROJECT_TARGETDIR=%PROJECT_BUILDDIR%\%PROJECT_CONFIGURATION%
SET PROJECT_TARGETFILENAME=%PROJECT_NAME%.exe
SET PUBLISH_PROCESSOR=msil
SET PUBLISH_DIR=%PROJECT_DIR%\publish
SET PUBLISH_TARGETDIR_BASE=Application Files\%PROJECT_NAME%_%PROJECT_VERSION:.=_%
SET PUBLISH_TARGETDIR=%PUBLISH_DIR%\%PUBLISH_TARGETDIR_BASE%
SET PUBLISH_PROVIDERURL=http://www.AUTHOR.net/app/%PROJECT_NAME%.application
SET PUBLISH_MANIFESTURL=http://www.AUTHOR.net/app/Application Files/%PROJECT_NAME%_%PROJECT_VERSION:.=_%/%PROJECT_NAME%.exe.manifest
SET PUBLISH_SUPPORTURL=http://www.AUTHOR.net/support
SET CERTIFICATE_PATH=%PROJECT_DIR%\_resources\Certificates\codesign.pfx
SET CERTIFICATE_PASSWORD=123456
REM Clean the project
CALL :ExecuteCommand "Cleaning build" "MSBUILD ""%PROJECT_DIR%\%PROJECT_CSPROJ%"" /p:Configuration=""%PROJECT_CONFIGURATION%"" /p:Platform=""%PROJECT_PLATFORM%"" /t:Clean"
REM Build the project
CALL :ExecuteCommand "Building project" "MSBUILD ""%PROJECT_DIR%\%PROJECT_CSPROJ%"" /p:Configuration=""%PROJECT_CONFIGURATION%"" /p:Platform=""%PROJECT_PLATFORM%"" /t:Build"
REM Embed the manifest
CALL :ExecuteCommand "Embedding manifest" """%SDK_DIR%\MT"" -manifest ""%PROJECT_DIR%\_resources\app.manifest"" -outputresource:""%PROJECT_TARGETDIR%\%PROJECT_TARGETFILENAME%;#1"""
REM Sign the assembly
CALL :ExecuteCommand "Signing the assembly" """%SDK_DIR%\SIGNTOOL"" sign /f ""%CERTIFICATE_PATH%"" /p %CERTIFICATE_PASSWORD% /v ""%PROJECT_TARGETDIR%\%PROJECT_TARGETFILENAME%"""
REM Copy the application to the publish folder
CALL :ExecuteCommand "Copying binaries to the publish folder" "XCOPY /E /R /H /Q ""%PROJECT_TARGETDIR%"" ""%PUBLISH_TARGETDIR%"""
REM Create the click once manifest
CALL :ExecuteCommand "Creating click-once application" "MAGE -New Application -name ""%PROJECT_NAME%"" -Version %PROJECT_VERSION% -IconFile ""output.ico"" -TrustLevel FullTrust -UseManifestForTrust true -Publisher ""ADV Network GmbH"" -SupportURL ""%PUBLISH_SUPPORTURL%"" -Processor %PUBLISH_PROCESSOR% -ToFile ""%PUBLISH_TARGETDIR%\%PROJECT_NAME%.exe.manifest"" -FromDirectory ""%PUBLISH_TARGETDIR%"" -CertFile ""%CERTIFICATE_PATH%"" -Password %CERTIFICATE_PASSWORD%"
REM Sign the manifest
CALL :ExecuteCommand "Signing click-once application" "MAGE -Sign ""%PUBLISH_TARGETDIR%\%PROJECT_NAME%.exe.manifest"" -CertFile ""%CERTIFICATE_PATH%"" -Password %CERTIFICATE_PASSWORD%"
REM Update the version and the manifest in the application file
CALL :ExecuteCommand "Updating application deployment [1/2]" "MAGE -Update ""%PUBLISH_DIR%\%PROJECT_NAME%.application"" -Version %PROJECT_VERSION% -Install true -IncludeProviderURL true -ProviderURL ""%PUBLISH_PROVIDERURL%"" -AppManifest ""%PUBLISH_TARGETDIR%\%PROJECT_NAME%.exe.manifest"" -AppCodeBase ""%PUBLISH_TARGETDIR_BASE%\%PROJECT_NAME%.exe.manifest"""
REM Update the min version in the application file
CALL :ExecuteCommand "Updating application deployment [2/2]" "MAGE -Update ""%PUBLISH_DIR%\%PROJECT_NAME%.application"" -MinVersion %PROJECT_VERSION% -CertFile ""%CERTIFICATE_PATH%"" -Password %CERTIFICATE_PASSWORD%"
REM Sign the application
CALL :ExecuteCommand "Signing application deployment" "MAGE -Sign ""%PUBLISH_DIR%\%PROJECT_NAME%.application"" -CertFile ""%CERTIFICATE_PATH%"" -Password %CERTIFICATE_PASSWORD%"
ECHO - Finalizing process
REM Copy the .application inside the target dir
COPY /Y "%PUBLISH_DIR%\%PROJECT_NAME%.application" "%PUBLISH_TARGETDIR%\%PROJECT_NAME%.application" >NUL
REM Add .deploy extension
FOR /r "%PUBLISH_TARGETDIR%" %%i IN (*.*) DO (
IF "%%~xi" NEQ ".manifest" (
IF "%%~xi" NEQ ".application" (
MOVE /Y "%%i" "%%i.deploy" >NUL
)
)
)
This is the error message (in Italian):
INFORMAZIONI VERSIONE PIATTAFORMA (platform informations)
Windows : 6.1.7601.65536 (Win32NT)
Common Language Runtime : 4.0.30319.18052
System.Deployment.dll : 4.0.30319.17929 built by: FX45RTMREL
clr.dll : 4.0.30319.18052 built by: FX45RTMGDR
dfdll.dll : 4.0.30319.17929 built by: FX45RTMREL
dfshim.dll : 4.0.31106.0 (Main.031106-0000)
ORIGINI (sources)
URL distribuzione : file:///PATH_TO_PUBLISH/XYZ.application
URL applicazione : file:///PATH_TO_PUBLISH/Application%20Files/XYZ_1_0_0_11/XYZ.exe.manifest
IDENTITÀ (identity)
Identità distribuzione : XYZ.application, Version=1.0.0.11, Culture=it, PublicKeyToken=f685d5914ea12e96, processorArchitecture=msil
Identità applicazione : XYZ.exe, Version=1.0.0.11, Culture=neutral, PublicKeyToken=f685d5914ea12e96, processorArchitecture=msil, type=win32
RIEPILOGO APPLICAZIONE (application summary)
* Applicazione installabile. (application installable)
RIEPILOGO ERRORI (errors summary)
Quello che segue è un riepilogo degli errori. Informazioni dettagliate su tali errori sono disponibili più avanti nel registro.
* L'attivazione di PATH_TO_PUBLISH\XYZ.application ha causato un'eccezione. Sono stati rilevati i messaggi di errore seguenti:
+ Il riferimento nel manifesto non corrisponde all'identità dell'assembly scaricato XYZ.application.
RIEPILOGO ERRORI TRANSAZIONE ARCHIVIO COMPONENTI (components archive transaction errors summary)
Nessun errore di transazione rilevato. (no errors)
AVVISI (warnings)
Nessun avviso durante l'operazione. (no warnings)
STATO OPERAZIONE (operation state)
* [04/10/2013 10:09:57] : Attivazione di PATH_TO_PUBLISH\XYZ.application avviata.
* [04/10/2013 10:09:57] : Elaborazione del manifesto di distribuzione completata.
* [04/10/2013 10:09:57] : Installazione dell'applicazione avviata.
* [04/10/2013 10:09:58] : Elaborazione del manifesto dell'applicazione completata.
* [04/10/2013 10:10:00] : Trovata una versione Runtime compatibile 4.0.30319.
* [04/10/2013 10:10:00] : Richiesta del trust e rilevamento della piattaforma completati.
DETTAGLI ERRORI (error details)
Durante l'operazione sono stati rilevati gli errori seguenti.
* [04/10/2013 10:10:01] System.Deployment.Application.InvalidDeploymentException (RefDefValidation)
- Il riferimento nel manifesto non corrisponde all'identità dell'assembly scaricato XYZ.application.
- Origine: System.Deployment
- Analisi dello stack:
in System.Deployment.Application.DownloadManager.ProcessDownloadedFile(Object sender, DownloadEventArgs e)
in System.Deployment.Application.FileDownloader.DownloadModifiedEventHandler.Invoke(Object sender, DownloadEventArgs e)
in System.Deployment.Application.SystemNetDownloader.DownloadSingleFile(DownloadQueueItem next)
in System.Deployment.Application.SystemNetDownloader.DownloadAllFiles()
in System.Deployment.Application.FileDownloader.Download(SubscriptionState subState)
in System.Deployment.Application.DownloadManager.DownloadDependencies(SubscriptionState subState, AssemblyManifest deployManifest, AssemblyManifest appManifest, Uri sourceUriBase, String targetDirectory, String group, IDownloadNotification notification, DownloadOptions options)
in System.Deployment.Application.ApplicationActivator.DownloadApplication(SubscriptionState subState, ActivationDescription actDesc, Int64 transactionId, TempDirectory& downloadTemp)
in System.Deployment.Application.ApplicationActivator.InstallApplication(SubscriptionState& subState, ActivationDescription actDesc)
in System.Deployment.Application.ApplicationActivator.PerformDeploymentActivation(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
in System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)
DETTAGLI TRANSAZIONE ARCHIVIO COMPONENTI
Nessuna informazione disponibile sulla transazione.