Post date: Jul 18, 2012 9:10:3 PM
For In-Browser Silverlight apps you need the following to make sure that you don’t get cross browser scripting errors:
Even though you plan on running this in the browser make sure that you enable running the application out of the browser
Require elevated trust when running in-browser needs to be enabled also. This is all in the Silverlight properties tab
Signing tab – make sure you sign the Xap file
Create a certificate you can test with & import it
Registry settings on the clients machine
On IE - make sure that Enable Protected Mode is not checked off
Creating a test certificate for Xap file
I ran commands from a dos prompt to create the certificate, import it into MMC and then use VS 2010 to sign my Xap file
DOS commands for cert - I made my own root CA certificate;
makecert -n "CN=testRootCA" -r -sv testRootCA.pvk testRootCA.cer
Then I opened up MMC and went to the CurrentUser\Trusted Root Certification Authorities store and I imported mytestRootCA.cer file into that store
Then I made a signing certificate from that CA.
makecert -sk testSigning -iv testRootCA.pvk -n "CN=testSigning" -ic testRootCA.cer testSigning.cer -sr currentuser -ss My
And that command line is installing that certificate into the personal store and it should be trusted because it chains up to the testRootCA.
I also needed to make sure that my signing certificate is also in my CurrentUser\Trusted Publishers store so I went back to MMC and import that certificate into that store (my file is called testSigning.cer).
Signing my Xap file with the new cert
From VS 2010 - Went to the Silverlight project properties and on the Signing area clicked on Select from Store and picked my certificate that was just created
Registry setting changes on client side
Path
64 bit path: HKLM\Software\Wow6432Node\Microsoft\Silverlight
32 bit path: HKLM\Software\Microsoft\Silverlight
Entries
AllowElevatedTrustAppsInBrowser (DWord) – 0x00000001
AllowLaunchOfElevatedTrustApps (DWord) – 0x00000001