Click Once Troubleshooting

In some IT setups the Click Once mechanism may fail or be disabled, as described in the sections on this page. In this case the tool can be downloaded in a standalone fashion by clicking the below link.

1. There is no response when a Click Once hyperlink is clicked

Click Once requires the Internet Explorer permission Run componenents not signed with authenticode to be enabled for the DealAxis Internet Explorer Zone, as as described in the DealAxis Internet Explorer Permissions page.

This permission is only required for Click Once to work and is not needed by the actual Pot book grid. If this permission is not enabled there will be no response when the user attempts to run a Click Once application, as described in the following Microsoft article.
Microsoft KB 922774

2. Click Once and Proxy Servers

When a bank connects to a Click Once application over the internet they will be routed via their proxy server. At some banks the proxy server uses BASIC authentication, which means users have to enter a separate user name and password to access the internet, as below.

Proxy credentials

For this type of proxy server Click Once is currently unsupported and when users try to run Click Once applications they will receive an error as follows.

Click once error

Clicking the Details button will show the full error details and the text will indicate a proxy server authentication problem as follows. This is because currently there is no way to provide the Click Once process with the separate user name and password.
The remote server returned an error: (407) Proxy Authentication Required.

These limitations are described at the following Microsoft link and Microsoft have indicated that they will support this type of proxy server in a later release of the .Net Framework.
Microsoft KB 917952

3. Click Once is disabled

Click Once can be disabled via the Windows registry for one or more Internet Explorer zones. This can be done by adding string values under the following registry location.

The below screenshot shows a secure configuration where Click Once is only enabled under the Local Intranet and Trusted Sites zones and only for code that is signed with an Authenticode signature.

Locked down Click Once

In this setup, users attempting to run a Click Once application from the Internet zone will receive the following message.

Locked down Click Once

If required, Click Once can be completely disabled by default for all zones but a bank can choose to trust Click Once code from Dealogic, by adding the Dealogic code signing certificate to their Trusted Publishers. This certificate can be downloaded in ZIP format by clicking the following link.
Dealogic Certiticate

To import the certificate, double click it in Windows Explorer, select Install Certificate and import it into Trusted Publishers as below. Click Once applications from Trusted Publishers are run without any user prompts, since they are considered fully approved.

Trusted publisher

Return to home page

Advanced topics

Copyright © Dealogic Ltd