We have a number of tools we distribute internally that we want to ensure are signed (particularly ClickOnce applications).
The goals were:
- Anyone on the team could build the tools (including ClickOnce tools) and publish them.
- No one on the team has to go through manual steps: they ought to be able to sync and build.
- No dialog popups during the build (such as passwords).
- No trust issues when using the tools–Certificates are trusted.