Silverlight 4 OOB App with elevated trust and signed cert does not update? Need to re-install?

I have a OOB app that did not require elevated trust and was not signed. Many people have downloaded it and use it OOB.

I then needed to use elevated trust features, so I bought a legitimate certificate from Comodo and I now sign it. Everything works great on localhost - it is trusted and recognises the certificate.

However, once I uploaded the new version my existing OOB install (which was the old unsigned, non-elevated trust app) did not do the usual "new version check and update".

This is critical as many people have installed it - is there some limitation on changing to signed, elevated trust with regards to downloads? The .xap name is the same and in the same location. A fiddler lookup sees the new change so it' snot a caching issue. I cleared all my caches with CCleaner to be sure.

I uninstalled the old OOB app on another computer and the signed cert is working fine on install (ie. I get the nice "trusted publisher" install message) so it's not a signing issue. You can see it live here (I will leave the new version up as there is no harm - the old users just wont know about it!)

I believe it is something to do with the Elevated Trust change?

Update: I did some more testing: I removed the Elevated Trust and uploaded it again. The OLD one that did not update then DID update, and the new one (elevated trust + signed) on the other computer did NOT update. So it seems as they the update process cannot handle a change in the Trust elevation, regardless of whether it is signed or not. This is a BIG problem with all the users who will be stuck on an old version and never know it.

The other problem is that the NEW signed app thinks that the app is install on my computer (the old unsigned one that does not update) and hence will not show the Install option. And very few users will know how to uninstall it and reinstall it IF they even went to the website one day to check. This is a really serious bug if it is the case.

-------------Problems Reply------------

Unfortunately, your users will need to uninstall and reinstall the application. It's not a bug as such (I don't believe), but more by design. If you take a look at this article on MSDN:, you'll see that it states:

Silverlight 4 provides support for running out-of-browser applications with elevated trust. Trusted applications cannot use the update mechanism described in this section unless the application and the update have both been signed with the same valid, code-signing certificate. To update a trusted application that does not have a valid signature, users must uninstall the old version and install the new version manually.

It more or less seems to indicate in the last sentence (in a round about way) that users with the unsigned application will need to uninstall the application, and then install the one with elevated trust to update it. I've read something that stated this in a more exact way, but can't remember where it was sorry :(.

Hope this helps...


After receiving no reply/leads I am unfortunately coming to the conclusion that this is a bug in SL4.

I assume that because the app now requires a UI confirmation to confirm the elevated trust there is no way for the existing non-trusted app to handle this UI on update, so it just doesn't download it.

For some reason, removing elevated trust has the same issue (trusted OOB apps wont update the non-elevated trust update either, which is even weirder).

So it seems to me the bottom line is that if you change Elevated Trust, you have just isolated all the people who have already installed your app.

So then there seems to be 2 options:

  1. Just update the app and rely on blogs etc. to tell them that they have to uninstall it and reinstall it. This sucks because they wont KNOW that there is a knew version and could use the old version for another 10 years without knowing. Plus, if they go to the online version, it thinks it is already is installed so wont offer the Install menu again until you uninstall the old one - very messy! I think this is the route that Tim Heuer took here with the signed Facebook app -
  2. Rename the .XAP file and start a new project for it. Make the old .xap file have a message saying "There's a new version" with uninstall and reinstall instructions/links. Then if they view the new one without having uninstalled the old one it will still install as it is a different XAP name, AND you can at least communicate with them telling them the old one is dead.

Any other suggestions?!

A nice way to fix those users who need to update would be to provide them with a little application to run that would automatically update them. Using this article: Install Silverlight-out-of-browser So the end users would just download the little exe which would uninstall the "untrusted" one and then reinstall with the new one.

Category:silverlight Views:51 Time:2010-09-16

Related post

  • Can individuals digitially sign Silverlight OOB apps for public release in their website name? 2010-08-19

    I have read all the blog posts on digital signing and checked out GoDaddy, Thawte and a couple of others. All of these say that you need to be a registered company and have official documentation and proof on incorporation etc. I don't have any of th

  • Install Silverlight OOB app from within another Silverlight app 2011-03-26

    I have a big LOB Silverlight App that works in browser and now I need to do smth with elevated priveleges so I need to install smth OOB. But I don't want to install whole app with all its complexity and assumptions - I'd want to have a small separate

  • Finding the Installation location of a silverlight OOB App 2010-09-03

    Is there any way to find where an OOB app is installed at runtime? I realise that once an OOB app is installed it is placed in a folder in "OutOfBrowser" within AppData. However, the folder is named with a long number (probably time stamp related) wh

  • How to open a non-silverlight WebPage in Silverlight OOb App? 2010-11-22

    My problem is I want to open a URL (non-Silverlight webpage) in a Silverlight Out-of-browser(SL-OOB) Application but in another window/page/etc. This webpage will return some content, that will be rendered accordingly to the functionality on this web

  • Pass arguments to Silverlight OOB app 2011-01-20

    We have a Silverlight application that requires access to peripheral devices - specifically, scanners. With this requirement, we're forced to use Silverlight as an OOB application. Up until recently we have been hosting our silverlight app online ins

  • Touch down not causing button press state in Silverlight OOB app 2011-04-27

    I am currently using Silverlight4 to build an OOB app with touch support. I guess what I'm doing would qualify as "multitouch" even though my app isn't using multiple touches at any point. I am running the app out of browser on various touch displays

  • How to ensure that a Silverlight OOB app only has a single instance? 2010-09-29

    Is there a way to ensure that only a single instance of the desktop version of a trusted Silverlight 4 Out Of Browser app will run? Or do I need to manually enforce this through the creation of a crude mutex of some sort? If I must enforce this mysel

  • How to call a service when a SilverLight OOB app is closing an 2010-10-24

    I need to call a WCF service to update when my SilverLight app exits. it is an out-of-browser app and I'm using SL4. Since the WCF in SL works only async it is not possible to do on Application.Exit I tried also MainWindow.Closing which is available

  • Possible to have Silverlight OOB App "Listen" for Keyboard Shortcut? 2011-10-12

    I'm building a Silverlight Out Of Browswer Application with Elevated Permissions and need the ability to basically have the application listen for a keyboard shortcut such as doing something like Ctrl + F10 will cause a window to take focus of the sc

  • Silverlight OOB Fullscreen Elevated Trust issue 2010-12-04

    I want to run silverlight OOB fullscreen using elevated trust. I noticed that as long as I check elevated trust, there will be a black secondary window when fullscreen is launched. This black window is only noticeable if I alt+tab out. Once unchecked

  • Printing in Silverlight 4 without Print Dialog - Out of Browser and elevated trust 2011-08-03

    How can I print in Silverlight 4 without a print dialog showing all printers. Many people say it not possible but they always talk when the app is running in the web browser. In this case I'm out of browser and with elevated trust. Any suggestions? -

  • Interchangeability / re-usability of WPF, Silverlight and Silverlight OOB applications? 2010-10-08

    For the experienced WPFers out there, how re-usable are WPF, Silverlight and Silverlight OOB applications and components? How much overlap is there? For example, could I write one application and easily deploy it in the three aforementioned ways? Ide

  • clickonce versus windows gadget versus silverlight OOB? 2011-03-15

    We are building for a customer an intranet communication portal (which is based on SharePoint 2010, but I think this is not important). One of his requirement is to push the latests news in a "widget" (in functional terms), both from the intranet por

  • Deploy Silverlight OOB with ClickOnce (like LightSwitch) 2011-03-29

    I know the limitations of WPF clickonce deployment versus SL OOB, however, in LightSwitch apps, there is a ClickOnce Package to deploy Silverlight OOB Apps. Is it possible to get the same behavior without using LightSwitch, say custom RIA app? ------

  • Can I capture traffic with Fiddler OOB Silverlight 4 app? 2011-02-23

    I've got a Silverlight 4 OOB elevated trust app. I am trying to debug my WCF calls but I can't capture traffic in Fiddler (latest version). I am running in debug mode with the service calls and app on same machine. I have tried without the debugger a

  • Can I use the "Test certificate" to deploy Elevated trust apps? 2011-10-15

    sorry for my bad english (and for the newbie question) - I have a silverlight 4 OOB application that requires Elevated Trust to run. The CheckAndDownloadUpdateAsync only works in this case if my xap is signed. There is a problem if I deploy my app us

  • Silverlight 5 Out of Brower with Elevated Trust application with MEF 2011-12-15

    I want to use MEF in a Silverlight 5 Out of Browser application with Elevated Privileges. I am having issues when using MEF and getting the exception when the following line of code is being executed CompositionInitializer.SatisfyImports(this); {Syst

  • Silverlight 5 - Require Elevated trust when running in browser 2012-03-20

    Can we come to a conclusion that Silverlight 5 - require elevated trust when running in browser, works fine for crossdomain calls on Internet Explorer alone and would fail for other browsers such as Chrome. Note I have tried:

  • Why is Silverlight toast notification only available in OOB app? 2011-07-13

    I haven't been able to find an explanation, or think of a reason why it's not available in non-OOB apps. So why is the toast notification only available in OOB apps? --------------Solutions------------- Silverlight 4 Out-Of-Browser apps can operate i

Copyright (C), All Rights Reserved.

processed in 0.155 (s). 11 q(s)