Clickonce , "Your Web browser settings do not allow you to run unsigned applications.!

We're trying to deploy an unsigned clickonce application. For some users this fails with the below error, while for others its no problem.

This is probably a security setting somewhere, but we have been unable to find it. Any tips on how to allow this application to be installed (bar signing it )

PLATFORM VERSION INFO
    Windows             : 5.1.2600.196608 (Wi开发者_高级运维n32NT)
    Common Language Runtime     : 2.0.50727.3615
    System.Deployment.dll       : 2.0.50727.3053 (netfxsp.050727-3000)
    mscorwks.dll            : 2.0.50727.3615 (GDR.050727-3600)
    dfdll.dll           : 2.0.50727.3053 (netfxsp.050727-3000)
    dfshim.dll          : 4.0.31106.0 (Main.031106-0000)

SOURCES
    Deployment url          : http://xxxxx/xxxxx.application
                        Server      : Apache-Coyote/1.1
    Deployment Provider url     : http://xxxxx/xxxxx.application

ERROR SUMMARY
    Below is a summary of the errors, details of these errors are listed later in the log.
    * Activation of http://xxxxx/xxxxx.applicationresulted in exception. Following failure messages were detected:
        + Your Web browser settings do not allow you to run unsigned applications.

COMPONENT STORE TRANSACTION FAILURE SUMMARY
    No transaction error was detected.

WARNINGS
    * The manifest for this application does not have a signature. Signature validation will be ignored.

OPERATION PROGRESS STATUS
    * [12/8/2010 12:41:11 PM] : Activation of http://xxxxx/xxxxx.application has started.

ERROR DETAILS
    Following errors were detected during this operation.
    * [12/8/2010 12:41:12 PM] System.Deployment.Application.InvalidDeploymentException (Manifest)
        - Your Web browser settings do not allow you to run unsigned applications.
        - Source: System.Deployment
        - Stack trace:
            at System.Deployment.Application.ApplicationActivator.BrowserSettings.Validate(String manifestPath)
            at System.Deployment.Application.ApplicationActivator.PerformDeploymentActivation(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
            at System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)

COMPONENT STORE TRANSACTION DETAILS
    No transaction information is available.

I had the same problem in Internet Explorer 7 today. I had to change three settings to resolve the issue.

I'm sure a lot of this depends on your specific security configuration, but hopefully this will be useful to someone else.

1 - Tools->Options->Security tab->Trusted Sites->Sites button->Add->OK

2 - Tools->Options->Security tab->Trusted Sites->Custom Level->Automatic logon with current user and password

3 - Tools->Options->Advanced->Allow software to run even if the signature is invalid

For me worked check in Internet Options -> Advanced -> "Allow Software to run or install even if the signature is invalid"

If your users are using IE have a look in Internet Options -> Advanced -> Security -> anything to do with signatures and/or certificates.

Otherwise do like Karl said: sign the thing. Why wouldn't you want it signed? Even inside our corporate network we sign code and applications.