Gareth O. Evans FdSc BSc » Security

ClickOnce Deployments

gareth — Wed, 10 Feb 2010 15:03:10 +0000

I’ve been pulling my hair out all day trying to figure this out so I thought I’d place it on my blog as a convenient place for other Visual Studio users and myself for next time!

Assumptions
I will assume you have your app build and now ready to release it to your internal corporate network and you have access to a server for deploying your software.

Requirement – OpenSSL
Download and install OpenSSL from here – http://www.slproweb.com/products/Win32OpenSSL.html

Steps
I installed OpenSSL to C:\Program Files\OpenSSL, opening a command prompt window, navigate there and then to the bin directory.

C:\Users\Gareth Evans>cd "C:\Program Files\OpenSSL\" C:\Program Files\OpenSSL>cd bin C:\Program Files\OpenSSL\bin>

Run:
openssl genrsa -out ca.key 4096

To generate a private key for the Certificate Authority (CA).

Run:
openssl req -new -x509 -days 1826 -key ca.key -out ca.crt

To generate a public key for the CA.

Note: Whatever you enter for “Common Name (eg, YOUR name) []:” will become the NAME of the Certificate Provider.

Enter as much or as little information/details as you want or need.

So we’ve created a CA certificate now, we need to create a sub certificate.

Run:
openssl req -new -key ia.key -out ia.csr

Again Note: Whatever you enter for “Common Name (eg, YOUR name) []:” will become the NAME of the Certificate Provider. Remember to call this something different to the CA Common Name.

Run:
openssl x509 -req -days 730 -in ia.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out ia.crt

Run:
openssl pkcs12 -export -out ia.p12 -inkey ia.key -in ia.crt -chain -CAfile ca.crt

Run:
openssl pkcs12 -export -out ia.p12 -inkey ia.key -in ia.crt -chain -CAfile ca.crt -keysig

Open CA.crt
Install Certificate
Put Certificate in “Trusted Root Certification Authority”

Open certificate.crt
Install Certificate
SAVE PRIVATE KEYS – see Fig 1
Put Certificate in “Personal”

Back to Visual Studio now, select the Startup Project, Right Click, Select Properties.

Within the Signing tab (left hand side), Tick “Sign the ClickOnce manifest”, Click “Select from Store”, select your certificate.

Select the Publish tab, Set the Publish Folder Location and Installation Folder URL and click Publish.

Deploy CA.crt to domain Computers, placing Cert in “Trusted Root Certification Authority”

Verify the ClickOnce deployment.

Figure 1

ACL Editor and Simulator v2.0

gareth — Fri, 15 May 2009 21:28:44 +0000

More details are HERE

..and yes I know, two posts on my blog in search a short time! *shock horror* lol

My once yearly post on my blog – 2009.

gareth — Tue, 12 May 2009 22:51:03 +0000

Website
I think its time for a revamp/redesign….XHTML, CSS and jQuery….ASP.NET would be nice but my web hosting doesn’t support it (otherwise I would of moved to N2CMS – been playing with this in work lately)

ACL Editor
Version 2.0 has, I repeat HAS started development…finally! The new version of the editor is being developed using a addon architecture so a developer can create their own addon which will then hook into the core of the editor.

Screen shots to come soon.

Anybody interested in BETA testing this please feel free to get in touch in the usual manner.

New House
Me and Suzanne moved into our little house in November last year.

Any other business!
I still check my emails on this domain a minimum of 10 times a day – so your emails do get answered!

Cisco ACL Editor and Simulator – Version 1.1.0.4

gareth — Wed, 21 Nov 2007 00:11:52 +0000

Version 1.1.0.4 of the Cisco ACL Editor and Simulator has been released and is online!

Purchase / Registration details available.