1

My colleagues and I have a C# project must be registered with COM using either regasm.exe or RegistrationServices for Excel interop. As a result, the assembly must be signed with a strong name key. A key file was generated through Visual Studio and committed to the source code repository.

Every time a new developer clones the git repository they must either go to the signing tab of the project properties and re-enter the password for the .pfx file or re-enter the password using sn.exe on the command line. Neither is ideal because both require manual steps and verbal communication of the (easy, widely known) password.

We tried delay signing the assembly which allowed the build to proceed but didn't let us register with COM.

Is there a way to do this without forcing everyone to manually update .pfx key files? Thanks!

Frank
  • 3,029
  • 5
  • 34
  • 43

2 Answers2

3

[ComVisible] assemblies do not require a strong name. The default action for regasm.exe is to assume you'll deploy the assembly into the GAC. That is however not a requirement, give it the /codebase option to register it in the directory where it is located. Typically the build directory of the project.

This is also what Visual Studio does when you tick the "Register for COM interop" option in the Build properties. Now simply building the project is enough. Do check if this is still compatible with your installer. There are DLL Hell implications, best solved with isolation btw.

Hans Passant
  • 922,412
  • 146
  • 1,693
  • 2,536
  • 1
    Thank you for your response. You are correct. Re-reading the regasm.exe output, it is warning not an error, viz: "RegAsm : warning RA0000 : Registering an unsigned assembly with /codebase can cause your assembly to interfere with other applications that may be installed on the same is intended to be used only with signed assemblies. Please give your assembly a strong name and re-register it. Types registered successfully" – Frank Oct 21 '11 at 15:57
  • It's a warning but it clearly says "The /codebase switch is intended to be used only with signed assemblies." Therefore it seems strange to just accept the error and move on. – Robert Noack May 21 '15 at 14:26
2

You don't have to require a password, if you're not worried about someone getting ahold of your .snk and using it for no good. No password, no prompt.

jlew
  • 10,491
  • 1
  • 35
  • 58
  • Thanks...this worked. On the "Create Strong Name Key" dialog that you get by clicking I had to uncheck "Protect my key file with a password". – Frank Oct 21 '11 at 15:43