-
Notifications
You must be signed in to change notification settings - Fork 90
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to Authenticode sign using version 0.9.1-beta.24406.1 #764
Comments
@martincostello, can you try the latest version of Sign CLI just uploaded to NuGet.org? https://www.nuget.org/packages/sign/0.9.1-beta.24469.1 BTW, this is unrelated to the above issue, but your CI output includes the warning:
These options are deprecated:
Going forward, these values should be passed using environment variables:
|
@dtivel Still failing with
Looking at our validation step, it seems like the
|
Describe the bug
In Polly we Authenticode sign our assemblies and NuGet packages using a code signing certificate provided by the .NET Foundation.
Trying to release a new version today, signing failed with errors trying to download the key.
Since our last release, v8.4.1, we had ingested three dependabot updates for sign (App-vNext/Polly#2178, App-vNext/Polly#2205, App-vNext/Polly#2260). We only sign our builds that are intended to be published to NuGet.org, so the issue didn't come to light until now - we also can't validate signing in dependabot PRs anyway, as secrets are not available to them.
Reverting those changes (App-vNext/Polly#2305) and going back to the version we used for our 8.4.1 release resolved the issue, with the signing succeeding to publish 8.4.2 (logs).
Something in the last three public releases appears to have broken something.
This may be related to #753, but I assume the change their has been released, so if so either than change broke this use case, or it's a different problem.
I have no direct access to the certificate or the Azure resources it's stored in, so I can't check any settings related to it myself.
/cc @joelhulen
Repro steps
We were broken as of App-vNext/Polly@f7dc35f, but without you having access to our secrets I'm not sure how useful that is...
Expected behavior
Assemblies and NuGet packages are successfully signed.
Actual behavior
Signing fails with the following errors:
Additional context
The referenced commit where signing fails uses sign
0.9.1-beta.24406.1
and .NET SDK8.0.402
.The text was updated successfully, but these errors were encountered: