I have a VSTO project which combines C# and Excel. My employer requires me to sign this using a certificate for which I do not have a pfx file, I only have the certificate on a chip card.
I have read most manuals and questions asked here on signing VSTO, but all somehow assume I have the pfx file. My setup in Visual Studio is the following:
- „Sign the ClickOnceManifest“ is checked, using „Select from Store„ the certificate from a chipCard is selected
- „Sign the Assemly“ is checked. I do not have the pfx file, so I hit „New“ and created a certificate called assemblySigningCertificate.pfx (this might be a completely bogus step, but that's the only pfx I get)
after publishing the project, I run a script that updates the signatures using mage.exe such as
set AppPublishPath=publish set AppPublishVersionPath=publish\Application Files\diagramUnifier_1_0_0_0 copy bin\Debug\*.dll "%AppPublishVersionPath%" copy bin\Debug\*.dll.config "%AppPublishVersionPath%" copy bin\Debug\*.exe "%AppPublishVersionPath%" mage.exe -update "%AppPublishVersionPath%\diagramUnifier.dll.manifest" -ch "… certificate hash from certmgs.msc " mage.exe -update "%AppPublishVersionPath%\diagramUnifier.vsto" -appmanifest "%AppPublishVersionPath%\diagramUnifier.dll.manifest" -ch "… certificate hash from certmgs.msc " mage.exe -update "%AppPublishPath%\diagramUnifier.vsto" -appmanifest "%AppPublishVersionPath%\diagramUnifier.dll.manifest" -ch "… certificate hash from certmgs.msc "
Once all this is done, I install the VSTO and run the xlsm file. I receive a "SignatureDescription could not be created from the signature algorithm supplied" error pointing to the VSTO file. Details of the error provide only a stackTrace, nothing else.
My questions are:
- is it even possible to sign a VSTO project without a certificate for which I have a pfx file?
- if I don’t have the pfx file, is it the right thing to create a new certificate in the “Sign the assembly” section of settings
- am I doing something else entirely wrong?
Any help is much appreciated, Daniel