0

I have been having an issue with 'Trust Not Granted' out of no where. I have been deploying my app for a few years many many times. Out of the blue, I am having a strange issue where the same key I have been using forever, which doesn't expire until the year 3000 is giving me problems. Or is it? Is something else to blame? The key has been installed in the proper certificate stores as always.

Here is the weirdest part: I publish the application and then make two IIS virtual applications pointing to the same physical location. When I try to view them, one says trust not granted the other does not.. it just works as expected.

So finally, it seems like the key isn't the issue, but something with IIS. Does this ring any bells?

I recall a long time ago the coworker that wrote this originally had to edit some machine key in a xml file, but that has not changed in forever. What could be the culprit?

the Trust Not Granted has this for the errors in the detailed log:

ERROR DETAILS

Following errors were detected during this operation.
* [5/18/2012 1:15:40 PM] System.Deployment.Application.TrustNotGrantedException (Unknown subtype)
    - User has refused to grant required permissions to the application.
    - Source: System.Deployment
    - Stack trace:
        at System.Deployment.Application.ApplicationTrust.RequestTrust(SubscriptionState subState, Boolean isShellVisible, Boolean isUpdate, ActivationContext actCtx, TrustManagerContext tmc)
        at System.Deployment.Application.DeploymentManager.DetermineTrustCore(Boolean blocking, TrustParams tp)
        at System.Deployment.Application.DeploymentManager.DetermineTrust(TrustParams trustParams)
        at System.Deployment.Application.InPlaceHostingManager.AssertApplicationRequirements(Boolean grantApplicationTrust)
        at System.Deployment.Application.InPlaceHostingManager.AssertApplicationRequirements()
        at MS.Internal.AppModel.XappLauncherApp.AssertApplicationRequirementsAsync(Object unused)
* [5/18/2012 1:15:40 PM] System.Deployment.Application.DeploymentException (Unknown subtype)
    - The AssertApplicationRequirements method failed. The application cannot be committed.
    - Source: System.Deployment
    - Stack trace:
        at System.Deployment.Application.DeploymentManager.WaitForAssertApplicationRequirements()
        at System.Deployment.Application.DeploymentManager.SynchronizeCore(Boolean blocking)
        at System.Deployment.Application.DeploymentManager.SynchronizeAsyncWorker()
RichardJohnn
  • 654
  • 9
  • 24

1 Answers1

1

I talked to a ClickOnce guy at Microsoft about this issue. He thinks this has nothing to do with the machine key, it has everything to do with the certificate and the signing.

Why are you creating two IIS virtual directories? Are you saying if you run it on the same machine it works differently on two different IIS virtual directories? When you publish the app, what is the installation URL? Is the domain the same on the two virtual directories?

Are you running and targeting .NET 4 or .NET 3.5?

The computer you're running the app on -- is it the same one it's always worked on, or has it been changed? This could have something to do with the certificate installed on the user computer.

RobinDotNet
  • 11,723
  • 3
  • 30
  • 33
  • I wouldn't be surprised if the certificate is messed up now. When I installed VS11 beta, I started to get this error and also whenever I debug an application I see a 'Publisher Not Verified' message box that pops up! I have uninstalled VS11 beta and got the RC, but no change. The two IIS are for testing this kinda problem and yes, they are both set up on the same computer and created identical. I just publish to a folder in my solution directory and then point both IIS virtual applications to that. It is a .NET 3.5 SP1 project. The computer has never changed. Thanks for your time. – RichardJohnn Jul 09 '12 at 17:41
  • I verified this with the C/O guy at MSFT to make sure -- you can not run an xbap in full trust with .NET 3.5. As noted in this article from MSDN, that capability was not available until .NET 4. http://msdn.microsoft.com/en-us/library/aa970060(v=VS.100).aspx – RobinDotNet Jul 10 '12 at 01:04
  • SP1 too? If so, I don't understand how this worked then for the last few years. We access the clients folders to cache info, which I would think needs full trust. We needed to install a certificate for this to work. We did these things before .NET 4 was released. Either way, it doesn't explain how the two identical IIS applications behave differently or why the publisher is not verified when debugging! A few people have submitted this problem after installing VS11 beta, but there is no workaround or fix. : ( – RichardJohnn Jul 10 '12 at 13:25
  • If you submit something in connect.microsoft.com and post the link back here, I will send it to the C/O guy I talked to and see if he has time to look at it, or get it looked at. – RobinDotNet Jul 12 '12 at 17:08