Skip to content

Clickonce singing is broken when using the KeyVaultService that creates a RSAKeyVault #865

Closed
#866
Closed
Clickonce singing is broken when using the KeyVaultService that creates a RSAKeyVault#865
#866
Assignees
dlemstra
Labels
Priority:0Work that we can't release withoutarea-azure-key-vaultRelated to Azure Key Vault signingarea-clickonceRelated to ClickOnce signingbugin-prThere is an active PR which will close this issue when it is merged
@dlemstra

Description

@dlemstra
dlemstra
opened on May 10, 2025

Signing a Clickonce application with a key vault does not work because RSAKeyVault does not have an implementation for ExportParameters that retrieves the certificate from the key vault. We could remove calls to ExportParameters in our code but that would not resolve methods where we pass in the RSA object and that code calls that method. One example where that is happening is inside the SignedXml class. To solve this we would need to return an RSA class that has a similar way of solving this problem like we do inside the RSATrustedSigning class.

Metadata

Metadata

Assignees

Labels

Priority:0Work that we can't release withoutarea-azure-key-vaultRelated to Azure Key Vault signingarea-clickonceRelated to ClickOnce signingbugin-prThere is an active PR which will close this issue when it is merged

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions