My company purchased an EV Certificate from Symantec to use for a software product we produce. Specifically it is called: Symantec Class 3 Extended Validation Code Signing CA – G2.
To develop and build this product we use Visual Studio 2013, and we use ClickOnce as the publish and installer mechanism. The problem we are having is that ClickOnce is unable to apply the EV Certificate using it’s built-in signing mechansim. ClickOnce can see the Certificate just fine, and allows us to select it with the “Select from Store…” button. It shows all of the correct information in the Certificate window. But when we Publish the following error is encountered:
“An error occurred while signing: Failed to sign bin\Release\app.publish\setup.exe. SignTool Error: An unexpected internal error has occurred.”
Note that we are able to use SignTool.exe to apply the EV Certificate from the command line, so the problem is not with that program.
Has anyone had experience with this combination of EV Certificate and ClickOnce? Is there a different EV Certificate that we should buy that works better with ClickOnce?
I had the exact same problem a few days ago and the Digicert after-sales service has been able to to solve it. Try to check the value of this register key (in regedit):
HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Cryptography/Providers/SafeNet Smart Card Key Storage Provider/Aliases
The value should be "eToken Base Cryptographic Provider" and not "eToken Base Cryctographic Provider" ('p' instead of 'c').
As said in the comments, you'll have to reboot after that change.
Hope it helps.