How to publish a certificate from a PFX file

I am trying to publish a VSTO application using ClickOnce and have generated a "temporary key" (a PFX file) to sign the ClickOnce manifest. This certificate is not accepted on the target computer and thus my application cannot be installed.

More precisely, if the ClickOnce server is within the "Intranet" zone in the Windows "Internet Settings", installation of the application is possible but the user is warned and prompted to accept the certificate every time a n开发者_C百科ew version is to be installed.

I would like to install the certificate on the target machine as a trusted certificate.

The only file Visual Studio generated for the certificate was a PFX file. This file seems to include the private key so I do not want to publish it. How can I extract a public certificate from that PFX file such that it can be installed as a trusted certificate?

Is your application a VSTO application? AFAIK, VSTO does require a valid certificate, or that the certificate be installed on the user's machine and has a trusted publisher. But non-VSTO ClickOnce does not, unless there's been something changed on the machine? It should give the security prompt, but the user should be able to install the application anyway. Does yours not work this way?

The certificate created in Visual Studio is good for a year.

To get a trusted certificate, you can purchase one (I hear Go Daddy provides them for as little as US$99). If you work in a corporate environment, the corporate IT guys can create a code signing certificate that chains back to a trusted publisher.

For a PFX file, you can double-click on it to add it to the user's registry.