问题
We have a winforms clickonce application in C# which is granted full trust and signed using a valid certificate.
The application runs fine and updates correctly on Windows XP, Windows 7. However, on a Windows 8 machine, it just fails to update. The application runs correctly though. However, the first update request to move up to a later version fails with: System.Deployment.Application.TrustNotGrantedException
The code failed after the call to ApplicationDeployment::CheckForDetailedUpdate() failed. Wondering why this could happen as the exact same code is running fine on all previous versions of Windows. Any help will be appreciated. Below is the relevant stack trace:
System.Deployment.Application.TrustNotGrantedException: User has refused to grant required permissions to the application.
at System.Deployment.Application.ApplicationTrust.RequestTrust(SubscriptionState subState, Boolean isShellVisible, Boolean isUpdate, ActivationContext actCtx, TrustManagerContext tmc)
at System.Deployment.Application.DeploymentManager.DetermineTrustCore(Boolean blocking, TrustParams tp)
at System.Deployment.Application.DeploymentManager.DetermineTrust(TrustParams trustParams)
at System.Deployment.Application.ApplicationDeployment.CheckForDetailedUpdate(Boolean persistUpdateCheckResult)
at System.Deployment.Application.ApplicationDeployment.CheckForDetailedUpdate()
回答1:
The only time I'd seen this stack trace was when I tried calling CheckForDetailedUpdate() without setting up the explicit trust before hand. After adding the code below, the update check worked.
// Setup the trust level
var deployment = ApplicationDeployment.CurrentDeployment;
var appId = new ApplicationIdentity(deployment.UpdatedApplicationFullName);
var unrestrictedPerms = new PermissionSet(PermissionState.Unrestricted);
var appTrust = new ApplicationTrust(appId) {
DefaultGrantSet = new PolicyStatement(unrestrictedPerms),
IsApplicationTrustedToRun = true,
Persist = true
};
ApplicationSecurityManager.UserApplicationTrusts.Add(appTrust);
// Check for update
var info = deployment.CheckForDetailedUpdate();
回答2:
From this MSDN page there are two causes. But it seems TrustNotGrantedException is usually raised when a new ClickOnce update has been deployed that uses more privileges than the previous version...
- The application uses permission elevation and the user denies the request for elevated trust; or
- The application uses Trusted Application Deployment and the digital certificate used to sign the application is not listed as a trusted publisher on the local machine. If you have deployed an update to an application, and the update uses more permissions than the previous version, and ClickOnce throws a TrustNotGrantedException, the new version will not install.
So it makes sense that it would fail to update, because the apps security level has changed since the user last installed it - so they will need to reinstall it.
回答3:
We had the same problem and ended up using the InPlaceHostingManager class. It's made for installing or updating a ClickOnce deployment. GetManifestAsync() fires the GetManifestCompleted event, which gives you the version number. Then you can call DownloadApplicationAsync() and handle the DownloadApplicationCompleted event. So far this works and no TrustNotGrantedException is thrown.
来源:https://stackoverflow.com/questions/14688282/clickonce-full-trust-app-update-failing-with-trustnotgrantedexception-on-windows