Updating and configuring your browser-based version of Client Center to be licensed and trusted in your intranet
Instructions By: Sherry Kissinger
- If you do not already have it, download and install Windows SDK 8.1, so you have mageui.exe
- Install it, once complete, you will want to use mageui.exe from the folder
“C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools”
- Pre-requisite: A code signing certificate, which is trusted by the systems which will be launching this intranet-web based tool. There are many ways to create (or purchase) a trusted certificate. Since this was, for us, to be used by the same systems which
would get SCUP-signed updates, for which we already had a code signing certificate, we are dual-duty using that certificate.
- Pre-requisite: you have already followed these directions:
http://www.mnscug.org/blogs/sherry-kissinger/238-cm12clientcenterbrowser, so that the browser-based version works in your environment using the publicly available browser version.
- Download the latest browser-based version of Client Center:
- Extract the contents of publish.zip to a working folder.
- If you are licensed, edit “Customization.dll.Config”, and modify the Licensee and LicenseKey values to be the values provided when you received your license
- <setting name="Licensee" serializeAs="String">
<value>Awesome CM Shop</value>
<setting name="LicenseKey" serializeAs="String">
- Sign the manifest and the root .xbap file so they are trusted (steps 8 and 9 below)
- Launch MageUI from <drive Letter>:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools
- NOTE: you must sign the manifest FIRST
- Browse to your working folder, Application Files\SCCMCliCtrWPF_<Version>, and open the manifest
- For your own knowledge, note that the Public key token is “Unsigned” (that’s what we’ll be changing)
- You need to designate the .pfx code signing certificate you will be using. File, Preferences, and find your .pfx file. Ensure that both checkboxes for “sign on save” and “Use default signing certificate” are selected.
- File, Save. You *will* get a message about a password (because in general, your .pfx code-signing certificate will have a password that you have to enter). Type in the password for your .pfx file in the Password field, and hit OK.
- Once saved with the code signing certificate, the Public Key token will now have a value
- Close; you are now done with the manifest file
- From MageUI, File, Open, and from your working directory, open the file SCCMCliCtrWPF.xbap, the one in the same folder as the setup file.
- Note that “public key token” is also unsigned
- Go to “Application Reference”
- Note that when this xbap was created it was created using the publicly available, unsigned manifest. You need to fix that.
- Click, “Select Manifest…” and select the manifest file you just signed in the above step.
- Note that the Public Key Token now has a value (the same one as above)
- g. File, Save. You *will* get a message about a password (because in general, your .pfx code-signing certificate will have a password that you have to enter). Type in the password for your .pfx file in the Password field, and hit OK.
- From your working Directory, copy all of the files into your host servers’ IIS location. For me, that happens to be d:\iis\clientCenter.
- Test your web page:
- What “should” happen is that if you are running iexplore.exe as an Admin, it should download, and immediately run. (without asking you to “run” the content). Additionally, if you are licensed, the front page will be The Agent Settings, Agent Settings page;
not the “Help About” screen, as well as in the title of Internet Explorer, it will say “Client Center for CM12 (Your Licensee Name you Put into Customization.dll.config in Step 6)”
1) Update Customization.dll.config with your license info
2) Sign SCCMCliCtrWPF.exe.manifest with your known-to-work-for-your-company code signing, .pfx certificate
3) Sign SccmCliCtrWPF.xbap with your known-to-work-for-your-company code signing, .pfx certificate, AND update the Application Reference to reference the just-signed-by-you manifest file.