Who is this article for?

Adminstrators who have questions about digital signatures.

No elevated permissions are required.

This article outlines our stance on code and ClickOnce package signing issues in Ideagen Internal Audit. We occasionally receive inquiries about digital signing with Authenticode certificates, which applies in two key areas.

1. Signing the ClickOnce package

When installing the application through ClickOnce, a dialog appears:

The Publisher is 'Unknown' despite the ClickOnce package being digitally signed.

This occurs because the package is signed on your server with a self-signed certificate.

Most installs are on-prem, so signing with 'Ideagen' would require distributing our certificate to customers, which isn't practical.

2. Signing the application files

The application's EXE and DLL files are unsigned. Altering this would demand considerable development effort due to the complexity of the building process.
As we are prioritising the development of Ideagen Internal Audit's successor, this issue will not be resolved.