1

I have a visual basic project that I deploy using ClickOnce.

When I publish it with ClickOnce, I see no issues.

When I publish it with msbuild.exe, I have an issue. When the user launches the application, he gets an error stating: The deployment identity does not match the subscription.

I also have a warning on the same log file:

WARNINGS
* The manifest for this application does not have a signature. Signature validation will be ignored.

Searching Google, I was led to believe that I could solve the problem by using the same pfx file between Visual Studio and msbuild.exe (it won't automatically find the pfx file).

In the project file (blahblahblah.vbproj) there's this node:

<PropertyGroup>
    ...
    <ManifestKeyFile>blahblahblah_TemporaryKey.pfx</ManifestKeyFile>
    ...
</PropertyGroup>

However, in my project folder, there's no such file. Now, Visual Studio must be getting that file from somewhere, because I regularly publish the project with Visual Studio and there's no issue.

I also compared the generated 2 blahblahblah.application files, and the only differences are either in the version (which is supposed to change with each publication) and the DigestValue.

<dependency>
    <dependentAssembly dependencyType="install" codebase="Application Files\blahblahblah_I_1_0_0_84\blahblahblah.exe.manifest" size="101425">
        <assemblyIdentity name="blahblahblah.exe" version="1.0.0.84" publicKeyToken="0000000000000000" language="neutral" processorArchitecture="x86" type="win32" />
            <hash>
                <dsig:Transforms>
                    <dsig:Transform Algorithm="urn:schemas-microsoft-com:HashTransforms.Identity" />
                </dsig:Transforms>
                <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                <dsig:DigestValue>lgzZRBBqxOOKi0IJcMCIBEWRU2A=</dsig:DigestValue>
            </hash>
        </dependentAssembly>
    </dependency>
</asmv1:assembly>

Also, as you can notice, I have publicKeyToken="0000000000000000", which is the same for both versions.

To solve this issue, users have to uninstall and reinstall the application. Unfortunately, that is not acceptable for my clients, so I have to find a solution. I can try to get them to accept it once, but I need to be able to publish from either msbuild or Visual Studio with no such conflicts.

So, my question is, what do I have to do for the The deployment identity does not match the subscription error to be gone for good?

DonkeyMaster
  • 1,302
  • 4
  • 17
  • 36
  • possible duplicate of [click once Error: The deployment identity does not match the subscription](http://stackoverflow.com/questions/3100050/click-once-error-the-deployment-identity-does-not-match-the-subscription) – DonkeyMaster Jul 09 '13 at 12:52
  • Answer: http://stackoverflow.com/a/4705174/5178 After further inquiry, it turns out the problem was because we had changed the target cpu. I'm still puzzled about the missing TemporaryKey file, but it seems to be unrelated to my woes. – DonkeyMaster Jul 09 '13 at 12:53

1 Answers1

0

So far as the missing .pfx goes... Did you ever look in CertMgr.msc, specifically Certificates - Current User\Personal\Certificates? Most likely Visual Studio is using the SHA1 DigestValue to match the SHA1 Thumbprint of a Code Signing certificate in there. You should be able to right-click > All Tasks > Export... and export the private key into a .pfx container which you can then import on your build machine (into the user account used by msbuild).

FooMonkey
  • 159
  • 1
  • 3