I am exactly using following steps to resign my application manifest and deployment manifest using certificate file.
mage -s app-manifest -cf cert_file -pwd password
mage -u deployment-manifest -appm app-manifest
mage -s deployment-manifest -cf certfile -pwd password
I want to verify that my manifest files are signed or not and moreover properly signed or not?
I already tried these options: -Check manifest file after completing the signing process using Mage.exe tool (but the tool still says that the manifest is not signed) -Using the SignTool to verify (but manifests are not recognized by them, as I suppose SignTool are only to verify application files like .exe/.dll) -Compare the manifest file before and after signing, where I could see the changes but couldn't figure out if that has been properly signed or not?
So, the question is how could we verify that our manifest file is signed properly? Is there any tool or way out to achieve this?
Note: My WPF solution build process will generate the manifests and app files, i.e. MyInstaller.exe.manifest and MyWeb.xbap files.
Regards, OM
Yes, it's very easy to check for sign. Open this files in any text editor and try to find tag. If you have founded it in .application and .manifest file, then your ClickOnce application is currently signed.
Here is 2 examples:
1 - Full signed
2 - unsigned project.