No, only the “ClickOnce” manifests need to be signed. The manifests have a hash of all the files they reference, so application integrity can be ensured, even if the application files are not signed. Also be careful when using signed assemblies in your application, updating a signed assembly will usually also involve re-compiling all assemblies that reference it. This can make quickly chain a one file update into a multiple file update.