Windows 8 shows the "Unknown Publisher" security warning after clicking the shortcut to a .NET 4.0 ClickOnce App with signed manifest and signed EXE file.


  • Hello, I have made a ClickOnce Full trust application with VS2010 and .NET 4.0 Client Profile. The application manifest and even the EXE file is signed with a valid publisher certificate.

    The publisher is recognized and the certificate chain is accepted during install. A Medium-risk dialog is shown (because of the Full trust) and program shortcuts are created. Everything is ok.

    After clicking the program shortcut in Windows 8 the certificate is no more recognized. Just like the EXE file would not be signed. A warning prompt is shown saying the ...exe is from an Unknown Publisher and it would be a security risk to continue.

    In Windows XP and 7 there is no such issue.

    Googling for "ClickOnce Trust Manager indicates an unknown publisher in security warning" I have found the following article:

    If it is a bug in Windows 8? When it will be fixed?
    Does ClickOnce in Windows 8 accept no more certificates with the hash algorithm SHA1 but the stronger SHA2?
    How can I discard showing the warning message not involving end users into this process in Windows 8?

    I have a valid SHA1 Codesign certificate.

    thanks for your help


    Sunday, November 18, 2012 6:58 PM

All replies

  • what is the value of <dsig:DigestMethod Algorithm=" in your application manifest? What is the actual length of the hash?

    Visual C++ MVP

    Tuesday, December 04, 2012 2:06 AM
  • Hi.

    I have the exact same problem, signature of click once works fine in XP and Win7 but Windows 8 brings up the message "Unknown Publisher". 

    Here is the DigestMethod Algorithm value from me: 

    <dsig:DigestMethod Algorithm="" />

    I hope someone can shed a light on this.



    Wednesday, December 12, 2012 10:16 AM