-
Notifications
You must be signed in to change notification settings - Fork 90
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Signing failed with error -2147012744. #709
Comments
Hi @janstaelensskyline unfortunately, those versions of Windows are both out of the mainstream support lifecycle, so there's not a lot we can do for those. That said Sign CLI carries its own copies of the Authenticode signing libraries and that activation context should be forcing the tool to use those versions instead of the ones the OS carries. @dtivel, looks like there may be an issue here? Can we confirm that the correct libraries are being loaded and used at runtime? |
Hello @clairernovotny , understood. Do you have a list with the mainstream support for what version of windows OS is supported and part of your QA cycle for the signing of .nupkg? |
Update on this issue. I've continued debugging this on my end. Up to an including 19/06/2024Using the exact same sign command as mentioned in the first post, version of the tool and the same .nupkg package. On azure pipelines using windows host: WORKS On 2 Pc's with Windows 10: On 1 PC with Windows 11: On Windows Server 2019: On Windows Server 2022: Today on 20/06/2024the command suddenly started working on Both the servers are still failing (2019 and 2022) but with different error codes. what changedI spend a while checking to see what 'changed' on the PC's that didn't on the servers but I'm not finding much. I saw a windows update for microsoft defender: KB2267602. But when I installed that on the server nothing changed. On applications I didn't see any updates that every PC had and that the servers might've been missing. current statusCurrently I'm not able to really figure this out. I'll setup our self-hosted jenkins pipelines to use the NuGetKeyVault tool directly for now, but we'd prefer to use the same dotnet sign tool on all our CI/CD. |
I think I had the same problem and in my case, installation of "Microsoft Visual C++ 14 runtime" (https://aka.ms/vs/17/release/vc_redist.x64.exe) helped. It's required component, described in readme (https://github.com/dotnet/sign?tab=readme-ov-file). Azure Pipelines agents have some preinstalled components, that's why there signing worked. |
Describe the Bug
Environments:
When executing
dotnet sign
on a.nupkg
file using Azure Key Vault, we encounter the following error:0x80072EE8
dotnet.exe
process with signing also fails.Interestingly, this issue does not occur when running the code from an Azure Pipeline on a provided Windows machine. It suggests we might be missing a prerequisite on our personal computers. It does happen on our Jenkins setup running on the above specified windows 2019 server.
After some investigation, it appears the error originates from deep within the code, specifically from calls to the Windows OS to sign the assemblies inside the
.nupkg
.The problem is that I'm not familiar enough with the
SignerSignEx3
WinAPI call and it seems like documentation will be private to Microsoft. At this point, it's likely that I've gone too deep and am missing a more obvious issue.Repro Steps
.nupkg
that includes.net462
assemblies.dotnet
is a class that startsdotnet.exe
as a process with the provided string as an argument):Expected Behavior
Expecting to see a signed
.nupkg
with all content signed.Actual Behavior
Signing starts, then it retries over and over again until it throws an exception.
Standard Output:
Additional Context
dotnet --info
.NET SDKs Installed
.NET Runtimes Installed
Other Architectures Found
Environment Variables
global.json File
Learn More
Download .NET
The text was updated successfully, but these errors were encountered: