In the first part of this series I wrote the possible solutions available for the ClicOnce certificate issue. if you have missed it please read it before continuing.

• ClickOnce Application,Expired Certificates & Public Key Token PART I
This post is not going to be a long one, I  just want to point out a very important issue, when updating the ClickOnce using the method specified in PART I .
When using Jim Harte’s Method to update a ClickOnce with a new certificate, it checks for the public token key of the current application to find its uninstall string, and then execute runDLL32 to trigger the uninstall. below is the code which gets the uninstall string:

/// <summary>
/// Gets the uninstall string for the current ClickOnce app from the Windows 
/// Registry.
/// </summary>
/// <param name="PublicKeyToken">The public key token of the app.</param>
/// <returns>The command line to execute that will uninstall the app.</returns>
 private static string GetUninstallString(string PublicKeyToken,

                          out string DisplayName)
{
 string uninstallString = null;
 string searchString = "PublicKeyToken=" + PublicKeyToken;
 RegistryKey uninstallKey = _
      Registry.CurrentUser.OpenSubKey

                ("Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall");
 string[] appKeyNames = uninstallKey.GetSubKeyNames();
 DisplayName = null;
 foreach(string appKeyName in appKeyNames)
{
  RegistryKey appKey = uninstallKey.OpenSubKey(appKeyName);
  uninstallString = (string)appKey.GetValue("UninstallString");
  DisplayName = (string)appKey.GetValue("DisplayName");
  appKey.Close();

 if(uninstallString.Contains(searchString))
                    break;
 }
            uninstallKey.Close();
            return uninstallString;
        }

 

In the above code it goes through registry keys of all ClickOnce application to get the uninstall string. and if that uninstall string contains the Public Token key of the current application, it will uninstall the application with that particular uninstall string. this is completely ok if there is only one application with that public token key. the public key of an assembly name identifies the developer (or the organization). Most organizations use only one public key to sign their assemblies with. so what if there is more than 1 application which has the same public token key?

1. The code will uninstall the very first match in the above code and it might uninstall some other application, instead of uninstalling the one we need to uninstall.
2. and it will  also install the new application from new URL, but with a different name sometimes (Eg: application name -1).
3. And if it had uninstalled another application, whenever user launches this application it will prompt the uninstall screen, each time when there are more than 1 application with the same public token key.

The Image below shows an uninstall string, which contains the application name, and public token key:

To avoid this problem of wrong application getting uninstalled, I changed this part of the code from above code to :

if(uninstallString.Contains(searchString)) break; 

this:

if(uninstallString.Contains(searchString)
               && uninstallString.Contains("yourApp.application"))
                    break;

 

In the code above, I’m Checking the ClickOnce application name with extension, along with the public token key to find out the correct uninstall string. that’s it!.

Hope this solves your time in someway.