Question posted in 
I am working on a WPF App but could not make it as a trusted App after publishing it with clickonce. I looked many post with similar issues, signed the clickonce manifest, installed certificate, created test certificate and finally made the App trusted by my own computer. However, when I install the App on other computers, it is still not trusted by those machines. Does it mean I should ask every user who use my App install the same certificate (.cer file) first? But even after installing the certificate and recognizing the publisher name, some computers still prompt security alert like “Windows protected your PC”.
So I wondered, how it works when the computer system recognize trusted/unknown publisher? As my App is not a commercial product, and it runs offline most of the time (I only have a MySql database on a CPanel provided by Godaddy to store user login information and some user input data), so besides purchasing a valid certificate, is there is any other way to work around? If there is, what are the appropriate ways to do it?
Can anyone explain a little bit or provide any source? Thanks in advance!
2
Answers
The certificate that was used to sign the ClickOnce application must be configured in the Trusted Publishers certificate store on all user machines.
Also the certificate must be purchased from a trusted authority that is a member of the Microsoft Trusted Root Certificate Program: https://social.technet.microsoft.com/wiki/contents/articles/37425.microsoft-trusted-root-certificate-program-participants-as-of-march-9-2017.aspx
Please refer to the following link for more information about this.
WPF Application Deployment using ClickOnce with trust certificate
You mentioned “Windows protected your PC” so we’re most probably talking about a SmartScreen issue here. RobinDotNet explained the oddities of ClickOnce and Windows SmartScreen in all detail in her blog posts Windows 8 and ClickOnce : the definitive answer and Windows 8 and ClickOnce : the definitive answer revisited.