Geeks With Blogs
Saqib Ullah BootStrapper Know How

I my last blog of ClickOnce series we saw the complete cycle of the ClickOnce deployment and now in this blog we will see ClickOnce manifest and self updating of application. When publish finished it’s will create two XML files that we called manifest files and they are deployment manifest and an application manifest. One important point that I want mount is the manifest signing and this done by strong-name by using public/private keys and signed with Authenticode technology. Visual Studio 2005 only gives an option of Personal Information Exchange (PFX) key file, but it’s possible to give user selected certificate for signing.



Deployment Manifest

In this manifest file of the ClickOnce deployment following are the information available.

·          Current Application Version

·          Install on Client machine or run offline

·          Deployment Setting


Deployment manifest file name should be end with .application extension. One important point that I note here is that the deployment manifest generate different xml elements on the basis Application Updates [The application should check for updates] feature and in my <deploymentProvider codebase="http://su/appClick/SameAppClickOnce.application" /> tag is added which simply tell the alternate location to poll for application updates.


This is my generated deployment manifest file.

<?xml version="1.0" encoding="utf-8"?>

<asmv1:assembly xsi:schemaLocation="urn:schemas-microsoft-com:asm.v1 assembly.adaptive.xsd" manifestVersion="1.0" xmlns:dsig="" xmlns="urn:schemas-microsoft-com:asm.v2" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xrml="urn:mpeg:mpeg21:2003:01-REL-R-NS" xmlns:xsi="">

  <assemblyIdentity name="SameAppClickOnce.application" version="" publicKeyToken="c8526be01eab28ed" language="neutral" processorArchitecture="msil" xmlns="urn:schemas-microsoft-com:asm.v1" />

  <description asmv2:publisher="Inbox" asmv2:product="SameAppClickOnce" xmlns="urn:schemas-microsoft-com:asm.v1" />

  <deployment install="true" mapFileExtensions="true">



        <beforeApplicationStartup />



    <deploymentProvider codebase="http://su/appClick/SameAppClickOnce.application" />



    <dependentAssembly dependencyType="install" codebase="SameAppClickOnce_1_0_0_2\SameAppClickOnce.exe.manifest" size="5858">

      <assemblyIdentity name="SameAppClickOnce.exe" version="" publicKeyToken="c8526be01eab28ed" language="neutral" processorArchitecture="msil" type="win32" />



          <dsig:Transform Algorithm="urn:schemas-microsoft-com:HashTransforms.Identity" />


        <dsig:DigestMethod Algorithm="" />





<publisherIdentity name="CN=INBOXBIZ\saqib" issuerKeyHash="99e43b08805495d146294d0c7da97424c257943c" />

<Signature Id="StrongNameSignature" xmlns="">

<!—signed encrypted information base of on the “algorithm #rsa-sha1”. Details Omitted for Brevity -->





Application Manifest

In application manifest file following information are available.

·          Application description

·          Depended Assemblies

·          Depended files (resources)

·          Resource using by the application and most important requires permission for application to work properly.


Application manifest very easily identified, it is the name of the assembly.exe plus .manifest extension. For an application manifest that refers to the SameAppClickOnce.exe application would use the following file name syntax.




This is my generated application manifest file.

<?xml version="1.0" encoding="utf-8"?>

<asmv1:assembly manifestVersion="1.0" xsi:schemaLocation="urn:schemas-microsoft-com:asm.v1 assembly.adaptive.xsd" xmlns:dsig="" xmlns="urn:schemas-microsoft-com:asm.v2" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="">

  <asmv1:assemblyIdentity name="SameAppClickOnce.exe" version="" publicKeyToken="c8526be01eab28ed" language="neutral" processorArchitecture="msil" type="win32" />

  <application />


    <assemblyIdentity name="SameAppClickOnce" version="" language="neutral" processorArchitecture="msil" />

    <commandLine file="SameAppClickOnce.exe" parameters="" />





        <PermissionSet class="System.Security.PermissionSet" version="1" Unrestricted="true" ID="Custom" SameSite="site" />

        <defaultAssemblyRequest permissionSetReference="Custom" />







        <os majorVersion="4" minorVersion="10" buildNumber="0" servicePackMajor="0" />





    <dependentAssembly dependencyType="preRequisite" allowDelayedBinding="true">

      <assemblyIdentity name="Microsoft.Windows.CommonLanguageRuntime" version="2.0.50727.0" />




    <dependentAssembly dependencyType="install" allowDelayedBinding="true" codebase="SameAppClickOnce.exe" size="20480">

      <assemblyIdentity name="SameAppClickOnce" version="" language="neutral" processorArchitecture="msil" />



          <dsig:Transform Algorithm="urn:schemas-microsoft-com:HashTransforms.Identity" />


        <dsig:DigestMethod Algorithm="" />





<publisherIdentity name="CN=INBOXBIZ\saqib" issuerKeyHash="99e43b08805495d146294d0c7da97424c257943c">

<!-- Details Omitted for Brevity --!>



Manifest Dependences

Both manifest file should be present on the deployment location, along with the application required files. It is possible that you deploy both manifest files on the different location means deployment manifest need not to store in the same location as the application manifest. When ClickOnce process starts deployment manifest is the file that tell the ClickOnce engine where to find the application manifest and the appropriate application manifest that depends on application version. Posted on Saturday, April 21, 2007 8:24 AM .Net | Back to top

Comments on this post: ClickOnce Files

No comments posted yet.
Your comment:
 (will show your gravatar)

Copyright © Saqib Ullah | Powered by: