New Feature: Playlist Center! Pick a topic and let our playlists guide the way.

Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Reaping the benefits of XAP signing

From: Silverlight 5 Essential Training

Video: Reaping the benefits of XAP signing

When you create an elevated trust application, it is granted more privileges on the local computer. This presents a dilemma to your users. Should they trust you and your application? To help them make that decision, Microsoft shows them one of two dialogs. The yellow dialog, which signifies a riskier choice, is the default elevated trust prompt. As you can see, it asks the question at the top, "The publisher could not be verified. Are you sure that you want to install this application?" And then in the Publisher section, it says Unverified.

Reaping the benefits of XAP signing

When you create an elevated trust application, it is granted more privileges on the local computer. This presents a dilemma to your users. Should they trust you and your application? To help them make that decision, Microsoft shows them one of two dialogs. The yellow dialog, which signifies a riskier choice, is the default elevated trust prompt. As you can see, it asks the question at the top, "The publisher could not be verified. Are you sure that you want to install this application?" And then in the Publisher section, it says Unverified.

This is to show the user that they should think twice about clicking the Install button. The blue dialog is shown to the user if you digitally sign your XAP file. Just a reminder, XAP files are usually pronounced ZAP files. When you look at the blue dialog, you can see that it's more friendly. It says "Do you want to install this application," and then in the Publisher section, it shows Fourth Copy Corp. and also it shows a logo from the company. In order to sign your XAP file, you must acquire a signing certificate.

So, what exactly is a certificate? A certificate is supposed to prove to your end user that you have done a few things. One, your company has gone through a vetting process, that you have purchased that certificate from a valid vendor, and the code has not been altered since it was digitally signed. In the Windows operating system, certificates are known as Authenticode. A certificate is always signed by a public and a private key. Somewhere in the certificate chain is a trusted certificate authority, sometimes called a CA.

They provide a public key and you then buy a private key from them. When a browser goes to a site that has a signed Silverlight application, it traces the authority back through the certificate authority to see if it is a valid certificate, and then it shows either the yellow dialog or the blue dialog to the user, based on whether it can verify that that certificate is valid. There are a few certificate vendors out there. I've listed the main ones on this page. When I talk about certificates, I usually get asked these questions.

How long will it take to get certified? In my experience, it takes about two days to go through the certification process. The cost of a certificate ranges anywhere from $100 up to around $400. When you buy the certificate, you pick the expiration date. You can pick a 1-year or a 2-year certificate. The default is usually 1-year. It might be that you don't want to purchase a certificate. In that case, you can create what's called a testing certificate. That will work on your developer computer but it won't be usable on a real web site.

There are several tools for making those testing certificates. I'm going to show you the one that's inside Visual Studio 2010, and let's see how to do that. I'm going to switch to Visual Studio. I have this project opened called SigningTheXap. It's a normal out-of-browser application. Let's verify that. We'll go to Silverlight. It's an out-of-browser app, and I'm going to click on the Out-of-Browser Settings button and make sure that it's required elevated trust. It is. And when I run the application-- press F5--you'll see the yellow dialog when I go to install it.

Okay, now I want to digitally sign the certificate. It's a convoluted process to create these certificates. I've got a folder full of batch files that shows you how to do that. I'm going to go to Windows Explorer and I'm going to go to this folder called Bat Files. There are four different certificates in here and each one of them is one of the steps in creating a certificate. Let's take a look at this first one. Here's the MakeCert command and a bunch of parameters. I'm not going to spend the time in this movie talking about the details because Visual Studio makes it much easier for you to create the testing certificate.

If you are interested, there are four different bat files for you to look at. I'll return to Visual Studio, and here is how I would create a testing certificate in Visual Studio. I'm going to go to the Signings tab and then I'm going to click the Sign the XAP File. Next, if I had purchased a certificate, I would've installed it on this computer. I would then go to Select from Store, and I would pick my certificate from this list. I don't have a certificate yet, so I'm going to click on Cancel. And then I'm going to come down here and click the Create Test Certificate button.

I have to provide a password. Be sure and choose one that you'll remember, like so. And now when I go Select from Store you'll see that it's added this certificate from my computer and my logon credentials. It's also created this pfx file inside the project, and if I want to, I can click in this More Details to read about the certificate. It gives me the information. It says, "This is not a trusted certificate." It can't find a valid CA Root certificate.

It gives me more details about the serial number and things like that. If I close this and go out to Internet Explorer, which I'll have to launch, here's Internet Explorer. In Internet Explorer, I can go to Tools > Internet Options > Content > Certificates and see all of the installed certificates through the browser configuration. I've got my certificate. Now I'm ready to build the application. Close these dialogs and return back to Visual Studio, and at this point all I need to do is re-build the application.

Let's choose Build or Ctrl+Shift+B or however you like to compile the application, and then you can press F5 and Install. Now, due to the quirks of working with the browser cache, you may not see your certificate update immediately upon signing the XAP file. Trust me though, it does work. Check out the other movies in this chapter to see more features on the elevated trust applications.

Show transcript

This video is part of

Image for Silverlight 5 Essential Training
Silverlight 5 Essential Training

106 video lessons · 5312 viewers

Walt Ritscher
Author

 
Expand all | Collapse all
  1. 1m 41s
    1. Welcome
      53s
    2. Using the exercise files
      48s
  2. 35m 0s
    1. Overview of Silverlight
      3m 29s
    2. Setting up a developer computer
      2m 46s
    3. Installing the Silverlight Toolkit
      2m 21s
    4. Exploring the toolkit samples
      2m 35s
    5. Using Visual Studio 2010 to create a Silverlight project
      5m 10s
    6. Using Expression Blend to create a Silverlight project
      3m 13s
    7. Getting to know the Visual Studio interface
      8m 15s
    8. Working in the Expression Blend interface
      7m 11s
  3. 29m 46s
    1. Understanding the Visual Studio project structure
      3m 38s
    2. Creating a Silverlight page
      3m 17s
    3. Compiling your first application
      5m 0s
    4. Using other assemblies in an application
      5m 45s
    5. Deploying a Silverlight application
      3m 43s
    6. Understanding the startup process for an application
      3m 13s
    7. Understanding how users get Silverlight on their computers
      5m 10s
  4. 16m 59s
    1. Exploring the relationship between XAML and .NET
      3m 57s
    2. Using C#
      7m 16s
    3. Exploring the code-behind file
      5m 46s
  5. 43m 22s
    1. Working with XAML elements and Property attributes
      4m 56s
    2. Investigating XAML namespaces
      7m 31s
    3. Converting XAML properties with TypeConverters
      5m 1s
    4. Working with Property elements
      4m 24s
    5. Assigning runtime data with XAML markup extensions
      4m 21s
    6. Digging into the dependency property system
      6m 12s
    7. Creating a custom dependency property
      4m 42s
    8. Understanding attached properties
      6m 15s
  6. 9m 35s
    1. Debugging your code
      5m 17s
    2. Special Silverlight debugging techniques
      4m 18s
  7. 36m 0s
    1. Understanding layout
      4m 55s
    2. Using DockPanel and WrapPanel
      4m 2s
    3. Exploring sophisticated layouts with the Grid
      6m 40s
    4. Absolute positioning with the Canvas panel
      5m 20s
    5. Scrolling content with the ScrollViewer
      3m 28s
    6. Adjusting content alignment, margins, and sizing
      5m 6s
    7. Using the TabControl
      2m 17s
    8. Manipulating elements with transforms
      4m 12s
  8. 20m 32s
    1. Painting the user interface (UI) with SolidColorBrush
      6m 7s
    2. Getting colorful with gradient brushes
      3m 15s
    3. Decorating elements with ImageBrush
      4m 56s
    4. Creating effects with VideoBrush
      6m 14s
  9. 25m 42s
    1. Understanding routed events
      3m 12s
    2. Wiring up event handlers in Silverlight
      6m 4s
    3. Understanding event bubbling
      4m 39s
    4. Exploring mouse events
      7m 43s
    5. Exploring keyboard events
      4m 4s
  10. 32m 31s
    1. Displaying text on the screen
      3m 24s
    2. Gathering text input from the user
      5m 30s
    3. Showing complex text with RichTextBox
      6m 7s
    4. Understanding text overflow and text linking
      3m 14s
    5. Searching content with the AutoComplete type-ahead control
      6m 45s
    6. Using and embedding Silverlight fonts
      7m 31s
  11. 26m 47s
    1. Understanding content controls
      5m 7s
    2. Understanding button controls
      6m 16s
    3. Using the BusyIndicator
      4m 40s
    4. Showing tooltips
      4m 34s
    5. Changing content size with ViewBox
      1m 39s
    6. Exploring more controls
      4m 31s
  12. 55m 36s
    1. Connecting elements with binding
      9m 54s
    2. Using business data in a binding
      9m 21s
    3. Listing data with ItemsControls
      6m 39s
    4. Digging into the DataGrid
      8m 28s
    5. Using the DataForm
      3m 49s
    6. Storing data on the client
      7m 10s
    7. Debugging XAML bindings
      5m 41s
    8. Charting data
      4m 34s
  13. 24m 36s
    1. Creating an Out-of-Browser (OOB) application
      6m 16s
    2. Controlling aspects of an OOB application
      2m 49s
    3. Alerting the user with notification windows
      7m 13s
    4. Hosting HTML content in Silverlight applications
      8m 18s
  14. 30m 2s
    1. Exploring Silverlight trust levels
      3m 51s
    2. Creating an elevated trust application
      5m 57s
    3. Reaping the benefits of XAP signing
      6m 5s
    4. Making cross-domain calls
      5m 1s
    5. Getting started with COM Interop using the Speech API
      4m 21s
    6. Using COM Interop to interact with Microsoft Office
      4m 47s
  15. 16m 33s
    1. Showing child windows
      3m 48s
    2. Using a child window as a dialog window
      5m 7s
    3. Creating native windows
      2m 53s
    4. Maximizing a window with full screen mode
      4m 45s
  16. 13m 20s
    1. Dynamically loading UI content with user controls
      4m 46s
    2. Using the Navigation Framework
      8m 34s
  17. 9m 28s
    1. Using resource files
      3m 53s
    2. Using images in an application
      5m 35s
  18. 16m 32s
    1. Playing audio
      4m 27s
    2. Playing sound effects
      5m 4s
    3. Viewing video content with MediaElement
      4m 58s
    4. Changing video playback speed with TrickPlay
      2m 3s
  19. 14m 40s
    1. Capturing video with a web camera
      4m 16s
    2. Working with a microphone
      3m 47s
    3. Creating print output
      6m 37s
  20. 22m 35s
    1. Understanding Silverlight animations
      4m 35s
    2. Creating animations
      7m 52s
    3. Controlling animations
      4m 18s
    4. Simulating physics with animation easings
      5m 50s
  21. 27m 47s
    1. Placing XAML resources within a FrameworkElement
      6m 47s
    2. Centralizing settings in styles
      4m 8s
    3. Creating an alternate control UI with ControlTemplates
      6m 29s
    4. Dressing up your data with DataTemplates
      4m 33s
    5. Explaining the VisualStateManager: a simple way to manage control states
      5m 50s
  22. 10m 55s
    1. Handling global errors in a Silverlight application
      5m 46s
    2. Showing an application loading screen
      5m 9s
  23. 10m 48s
    1. Integrating with XNA
      7m 40s
    2. Exploring data analysis with PivotViewer
      3m 8s
  24. 1m 6s
    1. Goodbye
      1m 6s

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold

Are you sure you want to delete this note?

No

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.