Revit Architecture Forum
Welcome to Autodesk’s Revit Architecture Forums. Share your knowledge, ask questions, and explore popular Revit Architecture topics.
abbrechen
Suchergebnisse werden angezeigt für 
Anzeigen  nur  | Stattdessen suchen nach 
Meintest du: 

Signing Revit 2017 Add Ins

3 ANTWORTEN 3
Antworten
Nachricht 1 von 4
Anonymous
1242 Aufrufe, 3 Antworten

Signing Revit 2017 Add Ins

I'm having trouble when I try to sign my addins for Revit 2017.  In my project I now have a self generated cert (using MakeCert), and then turned it into a pfx.  Then in my project settings, under signing I sign the assembly and use the pfx file.  When I do this and build I get warnings that the RevitAPIUI does not have a strong name, and then Revit won't load my assembly but the error points to RevitAPIUI.  Is there more than one set of references to be used (signed and unsigned)?  It appears that I am reverencing unsigned API references when I need to be using signed ones.

 

Here are the compiler warnings:

1>CSC : warning CS8002: Referenced assembly 'RevitAPIUI, Version=17.0.0.0, Culture=neutral, PublicKeyToken=null' does not have a strong name.
1>CSC : warning CS8002: Referenced assembly 'RevitAPI, Version=17.0.0.0, Culture=neutral, PublicKeyToken=null' does not have a strong nam

When I start revit I first get the warning for the unsigned add in (even though I have signed it, and added the certification in Windows using certmgr):

PublisherVerificationWarning.PNG

 

 

And next I get a System.IO.FileLoadException on RevitAPIUI:

 

Revit2017SystemIOFileLoadException.PNG 

 

Can anyone who is doing this successfully see any mistakes, or did you encounter this? 

3 ANTWORTEN 3
Nachricht 2 von 4
Viveka_CD
als Antwort auf: Anonymous

Hi @Anonymous

This is basically a Security error: Unsigned File or Add-In error

1.When you try to load an executable file or add-in, a dialog displays asking you to verify its publisher.

Issue: This executable file or add-in has a valid signature ensuring that it has not been tampered with since it was signed by the publisher. Before Revit will run the executable or add-in, you need to determine whether you trust this publisher.

Solution: Choose the appropriate option:

  • Always Load. The file is from a publisher whom you know and trust. In the future, when you load this file or any other file signed by this publisher, it will be loaded without displaying this warning.
  • Load Once. You trust the current edition of the file and you want to load it now. If you load the file again in the future, the warning is repeated.
  • Do Not Load. Cancels the request to load the file.

Note: Load the file only if you trust the publisher who provided it.If you are professional developer and your application is already digitally signed by a trusted certificate authority, your add-in is already compatible with the digital signature checking in Revit. The following sections are intended for developers who author add-ins, but who are not familiar with digital signing in Revit. Questions and answers about the Revit API language environment, development tools, best practices, and other common issues can be accessed HERE 

2.When you try to load an executable file or add-in, a dialog indicates that there may be a security issue.

Issue: Executable files or add-ins include a digital signature to guard against malware

  • To protect you against potential malware threats, the Invalid Signature dialog displays when one of these conditions are met:
  • The file was modified (intentionally altered or secretly tampered with) after the file was digitally signed.
  • The file was corrupted in transit or when it was being digitally signed.
  • The digital certificate was revoked by the publisher, indicating that files signed by this certificate may be compromised.

Solution: Do not load the file. Contact the publisher to obtain the latest edition of the file with the correct digital signature. Try to load the file again. 

3.To access the digital signature for a signed file, do one of the following:

  • If a dialog includes a View Certificate link, click the link.
  • Right-click the file and then click Properties, the Digital Signatures tab, the name of the signer and the Details button, and then View Certificate.

About digital signatures:

When you try to load an executable file or add-in, the software checks its security credentials, including its digital signature.

A digital signature is a block of information added to certain files to identify the originator and indicate whether a file has been altered since the digital signature was applied.

You can examine a file's digital signature through a chain of trust back to the root certificate issued by a trusted certificate authority (CA).

Information on installing add-ins for Revit can be found HERE

Please mark this response as "Accept as Solution" if it answers your question to benefit other users looking for similar solutions. Kudos gladly accepted.

Nachricht 3 von 4
Anonymous
als Antwort auf: Viveka_CD

Thank you for the reply Viveka.  I posted this again in the API forum (didn't mean to post here) and there is a bit more discussion.  But my issue really was that the Revit components themselves are unsigned (specifically the RevitAPIUI and RevitAPI dlls).  When you use Visual Studio to build an add in this causes problems if you use the VS signing macros.  The linked documents describing how to sign the revit add in don't use this method, but also do not tell you not to.  In a nutshell sign your add in by using the post build event commands, not by using the build in VS signing macros.  I think the Revit documents would be a bit more helpful if they at least mentioned this.  

Nachricht 4 von 4
Viveka_CD
als Antwort auf: Anonymous

Hi @Anonymous

I appreciate  your response and suggestions!

You wrote:

  "In a nutshell sign your add in by using the post build event commands, not by using the build in VS signing macros.  I think the Revit documents would be a bit more helpful if they at least mentioned this."

Thanks for letting us know that including this information will be helpful.

HERE is the link to your solution on the API forum discussion to benefit other users looking for similar issues.

RevitAPI.dll and RevitAPIUI.dll can be restored from the following module, (the dll extensions plays an integral part in interaction between the macro manager and Revit IDE and can be removed sometimes).

    1. Select the module in the Macro Manager.
    2. Click Edit.
    3. In the Project Explorer of IDE, right-click on the references section, and select Add Reference.
    4. In the Add Reference dialog, click the Browse tab.
    5. Navigate to \Revit <release>\Program.
    6. Select RevitAPI.dll and RevitAPIUI.dll.
    7. Click OK.

The references are restored and the macro will build, debug, and run as needed.Information on how to Integrate Macros into the Revit IDE can be found HERE

 Thanks and good luck with your add-ins!

Sie finden nicht, was Sie suchen? Fragen Sie die Community oder teilen Sie Ihr Wissen mit anderen.

In Foren veröffentlichen  

Autodesk Design & Make Report