Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot sign package using NuGet.Commands and .NET Core 3.1 on Windows 10 #9548

Closed
wazzamatazz opened this issue May 12, 2020 · 4 comments
Closed

Cannot sign package using NuGet.Commands and .NET Core 3.1 on Windows 10 #9548

wazzamatazz opened this issue May 12, 2020 · 4 comments
Labels
Functionality:Signing

Comments

@wazzamatazz
Copy link

Details about Problem

NuGet product used (NuGet.exe | VS UI | Package Manager Console | dotnet.exe): NuGet.Commands package

NuGet version (x.x.x.xxx): 5.5.1

dotnet.exe --version (if appropriate): 3.1.201

VS version (if appropriate): 16.5.4

OS version (i.e. win10 v1607 (14393.321)): Windows 10 v2004 (19041.208)

Detailed repro steps so we can see the same problem

Attached sample project uses NuGet.Commands to sign a package using a provided certificate. When compiled for .NET Framework 4.8 and run on Windows 10, the package is successfully signed (albeit with a warning because I was using a self-signed certificate):

.\NuGetPackageSigner.exe "C:\Temp\TestPackage.0.0.1.nupkg" "<CERT THUMBPRINT>"
warn: NuGetPackageSigner.Program[0]
      NU3018: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
info: NuGetPackageSigner.Program[0]
      Signed package can be found in C:\Temp\NuGetPackageSigner\bin\Debug\net48\Signed.

When the same project is compiled for .NET Core 3.1 and run on Windows 10, a failure occurs:

.\NuGetPackageSigner.exe "C:\Temp\TestPackage.0.0.1.nupkg" "<CERT THUMBPRINT>"
warn: NuGetPackageSigner.Program[0]
      NU3018: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
fail: NuGetPackageSigner.Program[0]
      The method or operation is not implemented.
warn: NuGetPackageSigner.Program[0]
      NuGet returned status code 1.

Presumably this is caused by a .NET Standard API not being implemented in .NET Core. The NuGet logger does not provide enough information to identify which method is actually throwing the error.

Other suggested things

Sample Project

Sample project is attached.

NuGetPackageSigner.zip
@donnie-msft
Copy link
Contributor

@heng-liu

@heng-liu
Copy link
Contributor

Hi, @wazzamatazz. Thanks for reporting this issue!
We're going to support cross platform package signing for netcore soon(but for net5, not .NET Core 3.1). The tracking epic issue is #9006
For now, we only support package signing for .NET Framework.

@wazzamatazz
Copy link
Author

Hi, thanks for clarifying.

I was specifically targeting Windows, so I've come up with a workaround that involves referencing the NuGet.CommandLine package and invoking the NuGet.exe process from my app instead of trying to run the command in-process.

@zkat
Copy link
Contributor

zkat commented Jul 16, 2020

Closing in favor of #9006

@zkat zkat closed this as completed Jul 16, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Functionality:Signing
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@zkat @wazzamatazz @heng-liu @donnie-msft