I had the same problem and found this solution:
All you have to do is to install your certificate into the "trusted root" certificate store and into the "trusted publisher" certificate store. Both are required!
This must be done on every pc you would like to have your addin installed.
You could do this "by hand" with the management console as described >here<, or you could create a console application (this is what I did).
usage:
// install certificate
InstallCertificate(@"C:\path_to_my_certificate_file\certificate_filename.cer");
// uninstall certificate
UninstallCertificate(@"C:\path_to_my_certificate_file\certificate_filename.cer");
code:
// required usings
using System;
using System.IO;
using System.Security.Cryptography.X509Certificates;
// then add the following methods somewhere in your console application
/// <summary>
/// install certificate on local machine
/// </summary>
/// <param name="certfile">full path to certificate file</param>
private static void InstallCertificate(string certfile)
{
try
{
X509Certificate2 certificate = new X509Certificate2(X509Certificate2.CreateFromCertFile(certfile));
//
// trusted root
//
// open certificate store
X509Store store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadWrite);
// get all installed certificates and search for the certificate to be installed
bool IsCertificateAlreadyInstalled = false;
foreach (X509Certificate2 c in store.Certificates)
{
if (c.SubjectName.Name.Equals(certificate.SubjectName.Name))
{
IsCertificateAlreadyInstalled = true;
break;
}
}
// if certificate was found
if (IsCertificateAlreadyInstalled)
{
// certificate already exists
System.Console.WriteLine("certificate \"{0}\" is already installed in trusted root", certificate.SubjectName.Name);
}
else
{
// certificate does not exist and could be installed
System.Console.WriteLine("certificate \"{0}\" will now be installed in trusted root...", certificate.SubjectName.Name);
store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(certfile)));
System.Console.WriteLine("Installation was successfull!", certificate.FriendlyName);
}
store.Close();
//
// trusted publisher
//
// open certificate store
store = new X509Store(StoreName.TrustedPublisher, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadWrite);
// get all installed certificates and search for the certificate to be installed
IsCertificateAlreadyInstalled = false;
foreach (X509Certificate2 c in store.Certificates)
{
if (c.SubjectName.Name.Equals(certificate.SubjectName.Name))
{
IsCertificateAlreadyInstalled = true;
break;
}
}
// if certificate was found
if (IsCertificateAlreadyInstalled)
{
// certificate already exists
System.Console.WriteLine("certificate \"{0}\" is already installed in trusted publisher", certificate.SubjectName.Name);
}
else
{
// certificate does not exist and could be installed
System.Console.WriteLine("certificate \"{0}\" will now be installed in trusted publisher...", certificate.SubjectName.Name);
store.Add(new X509Certificate2(X509Certificate2.CreateFromCertFile(certfile)));
System.Console.WriteLine("Installation was successfull!", certificate.FriendlyName);
}
store.Close();
}
#if DEBUG
catch (Exception ex)
{
System.Console.WriteLine("Installation has failed");
Console.WriteLine(ex.ToString());
}
#else
catch
{
System.Console.WriteLine("Installation has failed");
}
#endif
}
/// <summary>
/// uninstall certificate from local machine
/// </summary>
/// <param name="certfile">full path to certificate file</param>
private static void UninstallCertificate(string certfile)
{
try
{
X509Certificate2 certificate = new X509Certificate2(X509Certificate2.CreateFromCertFile(certfile));
//
// trusted root
//
// open certificate store
X509Store store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadWrite);
// get all installed certificates and search for the certificate to be installed
bool IsCertificateAlreadyInstalled = false;
int i = 0;
foreach (X509Certificate2 c in store.Certificates)
{
if (c.SubjectName.Name.Equals(certificate.SubjectName.Name))
{
IsCertificateAlreadyInstalled = true;
break;
}
i++;
}
// if certificate was found
if (IsCertificateAlreadyInstalled)
{
// certificate exists and could be uninstalled
System.Console.WriteLine("certificate \"{0}\" will now be uninstalled from trusted root...", certificate.SubjectName.Name);
store.Remove(store.Certificates[i]);
System.Console.WriteLine("Uninstallation was successfull", certificate.FriendlyName);
}
else
{
// certificate does not exist and could not be uninstalled
System.Console.WriteLine("certificate \"{0}\" is not installed in trusted root", certificate.SubjectName.Name);
}
store.Close();
//
// trusted publisher
//
// open certificate store
store = new X509Store(StoreName.TrustedPublisher, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadWrite);
// get all installed certificates and search for the certificate to be installed
IsCertificateAlreadyInstalled = false;
i = 0;
foreach (X509Certificate2 c in store.Certificates)
{
if (c.SubjectName.Name.Equals(certificate.SubjectName.Name))
{
IsCertificateAlreadyInstalled = true;
break;
}
i++;
}
// if certificate was found
if (IsCertificateAlreadyInstalled)
{
// certificate exists and could be uninstalled
System.Console.WriteLine("certificate \"{0}\" will now be uninstalled from trusted publisher...", certificate.SubjectName.Name);
store.Remove(store.Certificates[i]);
System.Console.WriteLine("Uninstallation was successfull", certificate.FriendlyName);
}
else
{
// certificate does not exist and could not be uninstalled
System.Console.WriteLine("certificate \"{0}\" is not installed in trusted publisher", certificate.SubjectName.Name);
}
store.Close();
}
#if DEBUG
catch (Exception ex)
{
System.Console.WriteLine("Uninstallation has failed");
Console.WriteLine(ex.ToString());
}
#else
catch
{
System.Console.WriteLine("Uninstallation has failed");
}
#endif
}
(successfully tested with Inventor 2017 R4)
