[ACCEPTED]-How can I renew my expired ClickOnce certificate?-clickonce

If you're after a quick solution, then you 6 can "renew" your existing certificate 5 and just give it a longer expiry date.

Cliff 4 Stanford has cleaned up the Microsoft "workaround" and 3 made it available as a simple command line 2 exe - available here: http://may.be/renewcert/ - Nice work Cliff 1 !

Here's the definitive MSDN article on certificate 6 expiration, which also includes a link to 5 an update on RenewCert. http://msdn.microsoft.com/en-us/library/ff369721.aspx This covers all 4 cases.

If you are targeting .NET 3.5, using 3 automatic updates, and don't have a VSTO 2 app, OR you are targeting .NET 4, changing 1 the certificate will not cause you any problems.

Update: @OceanAirdrop did all the work below 18 and made it available on github: https://github.com/OceanAirdrop/ExtendClickOnceCertificate, he has 17 usage instructions on the readme landing 16 page.

Original Details:

Renewing the pfx is 15 the way to go as @Andy Blackman states, but 14 renewcert has issues running on modern windows 13 when I tried to use it. To fix the may.be/renewcert 12 dependencies another guy rewrote it in C# so 11 you can use it on modern Visual Studio:

https://nathanpjones.com/2013/01/renewing-temporary-certificate/

Download 10 the source from his website, compile, and 9 run.

If you get a "system.accessviolationexception" on 8 the marshalling in CertNameToStr for wcslen, then 7 make the following changes so the marshalling 6 doesn't blow up:

1. In Crypt.cs:Line 130 change 5 the psz variable to use char[] instead of 4 string:

    [DllImport("crypt32.dll", CharSet = CharSet.Auto)]
   -        internal static extern int CertNameToStr(X509Encoding dwCertEncodingType, ref CRYPT_DATA_BLOB pName, CertNameType dwStrType, ref string psz, int csz);
   +        internal static extern int CertNameToStr(X509Encoding dwCertEncodingType, ref CRYPT_DATA_BLOB pName, CertNameType dwStrType, [In, Out] char[] psz, int csz);
   

2. In Program.cs:Line 131 use a char 3 buffer instead of a string:

   -                //var buffer = new char[1024];
   -                string buffer = new string('\0', 1024);
   +                char[] buffer = new char[1024];
   +                //string buffer = new string('\0', 1024);
                    int d;
   -                if ((d = Crypt.CertNameToStr(Crypt.X509Encoding.ASN_Encodings, ref certNameBlob, Crypt.CertNameType.CERT_X500_NAME_STR, ref buffer, 1024 * sizeof(char))) != 0)
   +                if ((d = Crypt.CertNameToStr(Crypt.X509Encoding.ASN_Encodings, ref certNameBlob, Crypt.CertNameType.CERT_X500_NAME_STR, buffer, 1024 * sizeof(char))) != 0)
   

3. rebuild

To run it to 2 just quickly renew cert for default five 1 years, use a cmd like:

"[path-to-renew-cert-proj-dir\bin\Debug\]renewCert.exe" [old-cert-path\]old_cert_name.pfx [new-cert-path\]new_cert_name.pfx

If I remember correctly, I ran into the 6 same problem and just created a new certificate.

I 5 think the automatic update broke between 4 those versions, but there was no lasting 3 damage. It might have helped that my application 2 was for internal use only, so I didn't need 1 a properly signed certificate.

Basically you have to build an app to extend 10 the expiry of your certificate. The links 9 above will get you to the C++ source code 8 for the app. If you are lucky and just signed 7 it yourself it may work. If you used Verisign 6 etc. to sign it you are SOL. You will need 5 to uninstall and re-install every app. It's 4 like you buy a new car the engine blows 3 and the manufacturer gives you a book on 2 re-building engines instead of replacing 1 or fixing it. ClickOnce is not.