VSTO deployment issue RRS feed

  • Question

  • I develop a plugin for Word with VSTO, deployed with Click-Once. This plugin is used by our customers and we wish that it is signed when it appears in Word. 
    We have a certificate produced by GlobaSign with as role "Code signing".
    The click-once manifest is signed with this certificate. 
    So, when user starts the setup, the screen of deployment indicates the editor and the informations of certificate is available‌.

    Furthermore we want to be able to make so that the customer accepts or refuses the installation of the updates.
    I have writed the following code, but when the plugin execute the CheckForUpdate line we have an error message, in french : 
    "L’utilisateur a refusé d’accorder les autorisations requises à l’application"

    How to resolve it ?

    Code for user update choice :

                If (ApplicationDeployment.IsNetworkDeployed) Then

                    Dim da As ApplicationDeployment = ApplicationDeployment.CurrentDeployment
                        If da.CheckForUpdate(True) Then
                            If MessageBox.Show("Update is available. Do you want to apply ?",
                              "", MessageBoxButtons.YesNo, MessageBoxIcon.Information, MessageBoxDefaultButton.Button1) = DialogResult.Yes Then
                                Dim bUpdate As Boolean = da.Update()
                                If bUpdate Then MessageBox.Show("Updating OK") Else MessageBox.Show("No Updating")
                            End If
                        End If
                    Catch ex As Exception
                        ShowError(, ex)
                    End Try
                End If

    Tuesday, January 16, 2018 2:06 PM

All replies

  • Hi antoine.dessere,

    ClickOnce applications are given a level of trust on client computers that prevents them from engaging in potentially malicious activity, such as deleting data from the hard drive or accessing the network. A ClickOnce application can use either permission elevation or Trusted Application Deployment to request a higher level of trust:

    • Permission elevation asks the user to grant the application a higher level of security.

    • Trusted Application Deployment matches the digital signature of the ClickOnce application against a list of trusted publishers on the local machine.

    TrustNotGrantedException will be thrown if:

    • The application uses permission elevation and the user denies the request for elevated trust; or

    The application uses Trusted Application Deployment and the digital certificate used to sign the application is not listed as a trusted publisher on the local machine.If you have deployed an update to an application, and the update uses more permissions than the previous version, and ClickOnce throws a TrustNotGrantedException, the new version will not install.


    TrustNotGrantedException Class

    How to: Add a Trusted Publisher to a Client Computer for ClickOnce Applications

    Clickonce deployment Exception: User has refused to grant required permissions to the application.



    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact

    Thursday, January 18, 2018 1:13 AM