To publish a WPF application from a CI DevOps pipeline I needed a command line tool to sign ClickOnce manifests and executables. The certificate is an EV Code Signing Certificate stored in an Azure Key Vault. After some research I found tools to sign executables, but no tools to sign the ClickOnce manifest files.
I made a solution combining an open source tool AzureSignTool and the Microsoft ClickOnce Mage tool to sign manifest files. The result is a command line AzureSignToolClickOnce.exe tool to do all the tasks.lees meer..