Dotfuscator can protect ClickOnce applications.
Note: Dotfuscator Professional Edition supports the use of ClickOnce
.applicationfiles as inputs. This will automatically protect and repackage the ClickOnce application's assemblies.
To integrate Dotfuscator Community Edition (CE) with a ClickOnce project:
In the Visual Studio IDE, disable the
.deployextension from being used with your published ClickOnce assemblies:
Open the Properties for your ClickOnce project.
Open the Publish tab.
Uncheck Use ".deploy" file extension.
Publish the ClickOnce application to a directory on disk, such as
Use the Dotfuscator CE User Interface to create and build a Dotfuscator configuration:
Add input assemblies corresponding to your published ClickOnce package. Normally, these are the assemblies located in the
bin\Releasesubdirectory of your ClickOnce project, with extensions
.dll. Do not include any
vshostversions of those files.
Build the Dotfuscator configuration. The protected assemblies are placed in a subdirectory named
If your assemblies were strong-named, re-sign the protected versions of those assemblies with sn.exe (Strong Name Tool), for example:
sn.exe -R Dotfuscated\YourApplication.exe strong_name_key.snk
Copy the protected assemblies on top of the unprotected versions in the ClickOnce publish location, for example:
copy /y Dotfuscated\YourApplication.exe "publish\Application Files\YourApplication_1_0_0_0\"
Update the application manifest with mage.exe (Manifest Generation and Editing Tool), for example:
mage.exe -Update "publish\Application Files\YourApplication_1_0_0_0\YourApplication.exe.manifest" -CertFile YourKey.pfx -Password your_pfx_password
Update the deployment manifest, for example:
mage.exe -Update publish\YourApplication.application -AppManifest "publish\Application Files\YourApplication_1_0_0_0\YourApplication.exe.manifest" -CertFile YourKey.pfx -Password your_pfx_password
Manually publish (copy) the files to your deployment source location (Web server, UNC share, or CD-ROM).