I'm looking at ClickOnce and ran into several blog posts where people were worried about expiring certificates when using a temporary PFX file created by VisualStudio. Appearently the certs issued by VS expire after a year and you will probably start running into problems with new deployments after that.

There is a KB article on MSDN that describes this problem but doesn't offer any good solutions (IMHO). Instead, if you have the Windows SDK installed you can create a certificte with much longer expiration, then create a PFX file from the cert and use with your ClickOnce application:

makecert.exe -r -pe -a sha1 -n "CN=MyClickOnceApp" -b 01/01/2000 
-e 01/01/2036 -eku 1.3.6.1.5.5.7.3.3 -sv MyClickOnceApp.pvk MyClickOnceApp.cer

pvk2pfx.exe -pvk MyClickOnceApp.pvk -spc MyClickOnceApp.cer -pfx MyClickOnceApp.pfx

This has been described in several places out there and my initial tests with makecert/pvk2pfx seems to work well so I'm storing the steps here for later use. I'm going to use it for a Codeplex project I'm opening up soon, so stay tuned...