Looking to build a WPF XBap with full trust, can a purchased certificate get past some of the security issues?

Question

We are developing an application that needs to talk to some hardware (serial port) on the machine, and most of what we do is WPF and .net, so an xbap seems logical.

My concern is with the certifcates. I have seen a bunch of people showing how to create and self sign applications, but then the user is required to install that to their machine manual to trust the root. I am curious if we purchase an cert from say Verisign if that requirement will then go away?

I have no problem if there is a prompt requesting full trust, but I do not want my remote users dealing with installing certificates.

Thanks

Answer 1

If you purchase a code signing certificate from a trusted authority then the users will not need to do anything with certificates.

Answer 2

If your certificate comes from a trusted authority, the users won't generally need to worry about it (where it becomes an issue is if you let your certificate lapse). If you're a member of Code Project, you can get a "cheap" certificate from one of their partners. More information here.

Answer 3

Hi

Did you resolve this, as I recently bought a certificate from Thawte for my XBAP web application, and I cannot deploy it on a client machine without manually installing the certificate, it says "Trust Not Granted", which is the same as if I use a self signed certificate, I cannot therefore understand the purpose of buying a certificate?

Thanks. David

Answer 4

Hi Pete

The issue I have is that I have already bought a certificate from Thawte and the client needs to manually install as my application still says Not Trusted when they try to start it. So it seems like a waste of time buying one when you can make yourself as the client has to manually install either way.