SmartScreen, ClickOnce and Intranet Applications
I work in a company where we develop several Intanet Applications. Some of them are distributed into a shared folder while a lot of them use ClickOnce.
Code Signing Certificates has changed over the past year, so that you need a USB key in the computer that needs to sign the application, which effectivly has pulled the certificate from 4-5 developers so that only our public production application gets signed correctly with our company cert.
I've been poking around with enrolling a Code Signing Cert from a Windows Server 2025 with the Certificate Authority installed
I've also installed both the Root Cert in the domain as well as adding the CSC into the Trusted Authors..
But SmartScreen ignores it all...
I then tried adding the ClickOnce website into the Trusted Intranet Zone, which also didn't help in regards to warnings and untrusted file alerts....
So, can it really be true that the ONLY way to fix SmartScreen is by disabling it using GPO ?
Why isnt a CSC from the CA on the Domain enough to trust an Intranet Application ?