I've been really struggling with this one for days. I've seen other posts like ClickOnce Deployment Error: different computed hash than specified in manifest, but the solutions do not seem to work for me.

I have a valid code signing certificate, and have been using it to sign my ClickOnce application for months. I realized I wasn't signing the executable and dlls themselves, so I attempt to do so. Now every time I publish and run the setup.exe, it fails with: "File, xxxxxx.dll, has a different computed hash than specified in manifest."

If I do not sign the exe and Dlls, I can redeploy. I made sure all copies of the exe/dlls are signed in all directories (Target, Obj) before publishing. I've tried using Mage/MageUI but have had no success. Is it possible to configure a ClickOnce install without signed code, then publish signed code? Seems logical, but perhaps I am missing something.

Thanks, Gregg

Is there any chance you are trying to deploy a WPF application and using Visual Studio 2012 or later? If so, you have to use the "AfterCompile" setting in your project file to sign the application, or you end up with the hash mismatch.

See this stackoverflow post: SignTool Not Signing ClickOnce App Using SHA256, Only Uses SHA1

Which links to Robin's excellent blog solution: http://robindotnet.wordpress.com/2013/04/14/windows-8-and-clickonce-the-definitive-answer-revisited/

First thing to check: Publish - Updates - Application Updates - URL is correct (e.g. you have a test URL and a deployment URL)

Second thing to check: remove System.Deployment reference and add it back in. We had the problem after moving project from VS2012 to VS2015, and this action got it working again after hours of trying different ideas.

btw - here's an easy guide to how to do the accepted answer:

• right click the project and select "Unload Project"

• right click the project and select "Edit"

• add the following before the final project close tag:

  <Target Name="AfterCompile" Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
    <Exec Command="&quot;C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1A\Bin\signtool.exe&quot; sign /f &quot;C:\temp\myPFX.pfx&quot; /p &quot;admin&quot; /v &quot;$(ProjectDir)obj\$(ConfigurationName)\$(TargetFileName)&quot;" />
  </Target>

• change the location of signtool.exe and pfx (signature) file to your own locations

• save the project file

• reload the project

I'm still using Visual Studio 2015, app config transformation per build configuration, TFS and using different release branches. After much research, I was not able to find a solution to fix this issue until I started using the publish wizard button.

If you are using VS2015, first try publishing with the "Publish Wizard..." button instead of the "Publish Now" button. Apparently, the publish wizard button updates the manifest file after the app config transformation has occurred.

Many of my problems with clickonce and code-signing using Visual Studio 2013, including this particular problem, were resolved by installing vs2013 update 4.

(maybe update 3 would have been enough but I installed update 4 after several days of frustration)

I am using signtool with the /sha1 option in the post-build event of every assembly. (run always).

My Problem resolved after I clean Debug Folder of my Application and then also Remove Everything from Publish folder on the server (target machine). Cleaning Publish fodler doesn't stop your application working installed on clients machines. So follow the instruction and that already worked for me after 3 days searching. Then I Re-Publish the Application and it start working and they clients side application also updated.