When you want to create a ClickOnce deployment you should sign the automatically generated manifest using an Authenticode certificate, providing a certificate took from the local computer cert store or passing a .pfx file.
To create an homemade self-signed .pfx file (for testing purpose only!!!), open the “Visual Studio Command Promt (2010)” or the “Developer Command Prompt for VS2012” and run the following two steps:
makecert.exe -sv TestCodeSign.pvk -n “CN=Test Code Sign” TestCodeSign.cer
pvk2pfx.exe -pvk TestCodeSign.pvk -spc TestCodeSign.cer -pfx TestCodeSign.pfx -po password
If you want, you can also omit the password.
Now that you have your own homemade certificate you can use it, especially useful while using command-line tools like mage (or mageUI with GUI support).
Stay Tuned! 😉
.Net Diaries 
Hi! where does this TestCodeSign.pfx file store?
In the folder where you have launched the commands.