Signing ClickOnce Manifests
Updated: July 2008
To publish an application by using ClickOnce deployment, you must sign the application and deployment manifests for the application with a public/private key pair. The tools for signing a manifest are available on the Signing page of the Project Designer; for more information see Signing Page, Project Designer. Alternatively, you can sign the manifests with a key file during the publishing process, using the Publish Wizard.
Starting in Visual Studio 2008 SP1, signing the ClickOnce manifests and hashing files is optional. For more information, see "Generating Unsigned Manifests" in How to: Sign Application and Deployment Manifests.