“Unable to find manifest signing certificate in the certificate store” - even when add new key

visual-studio-2010 visual-studio code-signing strongname

I cannot build projects with a strong name key signing - the message in the title always comes up.

Yes the project was initially copied over from another machine. However even if I add a new key via the Signing tab in Project Properties, this error is still shown.

I have tried running Visual Studio as an Administrator and have tried manually adding the keys to Windows Certificate Store.

Help!

Edit: I don't get this error with a new project, but I'd quite like to get this existing project working. It won't work even if I create a new certificate!

What type of VS project? Have you unchecked the "Sign the ClickOnce manifests" on the Project Properties Signing Tab as well?

@Simon Mourier, if I uncheck that option then the file won't be signed. I want it to be signed! It's a C# project. Works fine on my main development machine, just not on the laptop.

Is the error message displayed in your build log, or in some other way? It may help if you copy and paste the log.

An error in the build log: “Unable to find manifest signing certificate in the certificate store”

I didn't see the lines of code in the accepted answer. But this worked for me: I created a new key in VS2015. I unclicked Sign the Assembly and saved. Then I clicked the Select from File button,chose the file I'd just created, clicked again on Sign the assembly, and saved. Rebuilt.

Anye

I've finally found the solution.

Edit the .csproj file for the project in question. Delete the following lines of code: ........... xxxxxxxx.pfx true false

Worked for me too. Any caveats of such action?

Yup, deleted anything with "Manifest" and it worked :-)

I wouldn't do this without knowing the repercussions... does it anyway

In my case, Deleting ManifestCertificateThumbprint and ManifestKeyFile solve the problem.

Worked for me. No clue what repercussions this has but at least one of them is a working project so that's good enough for me.

ADL

Go to your project's "Properties" within visual studio. Then go to signing tab.

Then make sure Sign the Click Once manifests is turned off.

Updated Instructions:

Within your Solution Explorer:

right click on your project click on properties usually on the left-hand side, select the "Signing" tab check off the Sign the ClickOnce manifests Make sure you save!

https://i.stack.imgur.com/FIHjg.png

What you said is fine and should work but didn't. In the end I had to delete the lines of code as mentioned in the answer below

What does this do/what does this action mean?

@TrailMix It will modify you config file appropriately.

this gave me a solution for vs2010 :) up !

Nice answer! I am using VS2012 and it really works! +1

Brino

It's simple!!

I resolved this problem by following this steps:

Open project properties Click on Signing Tab And uncheck "Sign the assembly"

That's it!!

This may prevent publishing (if we care) but now it runs.

Alex Jolig

Open the .csproj file in Notepad. Delete the following information related to signing certificate in the certificate store xxxxx xxxxxx xxxxxxxx.pfx true false

Uwe Keim

Try this:

Right click on your project → Go to properties → Click signing which is left side of the screen → Uncheck the Sign the click once manifests → Save & Build

Ash

Go to your projects "Properties" within visual studio. Then go to signing tab.

Then make sure Sign the Click Once manifests is turned off.

1.Open the .csproj file in Notepad.

2.Delete the following information related to signing certificate in the certificate store xxxxx xxxxxx xxxxxxxx.pfx true false `

Worked for me.

dpminusa

https://i.stack.imgur.com/ZJzee.jpg

Clear and concise!

Owen Wengerd

It is not enough to manually add keys to the Windows certificate store. The certificate only contains the signed public key. You must also import the private key that is associated with the public key in the certificate. A .pfx file contains both public and private keys in a single file. That is what you need to import.

Thanks but already tried that. Visual Studio should automatically add the certificate when you create a new one anyway. However I have tried adding the .pfx file manually too. Left windows to install it in the correct certificate store and also added it to my personal store.

The private key is not stored in the certificate store. Please read this, maybe it will help you understand the distinction: technet.microsoft.com/en-us/library/cc962112.aspx

I should add that you can verify that the associated private key is available by opening the certificate property window in certificate manager. If the private key is available, the following text is displayed at the bottom of the General page: "You have a private key that corresponds to this certificate". If you do not see that text, the private key is not installed.

Yes it does say "You have a private key that corresponds to this certificate".

I think that rules out the key or the certificate as the problem.

Owen Wengerd

You said you copied files from another computer. After you copied them, did you 'Unblock' them? Specifically the .snk file should be checked to make sure it is not marked as unsafe.

It's not blocked, it came over from Windows Live Mesh syncing software. However it's irrelevant since even creating a new key inside Visual Studio on the laptop won't work.

Alex Jolig

To sign an assembly with a strong name using attributes

Open AssemblyInfo.cs (in $(SolutionDir)\Properties)

the AssemblyKeyFileAttribute or the AssemblyKeyNameAttribute, specifying the name of the file or container that contains the key pair to use when signing the assembly with a strong name.

add the following code:

[assembly:AssemblyKeyFileAttribute("keyfile.snk")]

Adding this line doesn't make a difference, I still get the same error.

Sevenate

If you need just build the project or solution locally then removing the signing might be a dead simple solution as others suggest.

But if you have this error on your automation build server like TeamCity where you build your actual release pieces for deployment or distribution you might want to consider how you can get this cert properly installed to the cert store on the build machine, so that you get a signed packages at the end of the build.

Generally it is not recommenced to check-in/commit any PFX certificates into source control, so how you get this files on your build server during the build process is a bit another question, but sometimes people do have this file stored along with the solution code, so you can find it in the project folder.

All you need to do is just install this certificate under proper account on your build server.

Download PsExec from Windows Sysinternals. Open a command prompt, and enter the following. It will spawn a new command prompt, running as Local System (assuming that your TeamCity is running under the default Local System account): > psexec.exe -i -s cmd.exe In this new command prompt, change to the directory containing the certificate and enter the filename to install (change the name of the file to yours): > mykey.pfx The Import Certificate wizard will start up. Click through and select all the suggested defaults. Run the build.

All credits goes to Stuart Noble (and then further to Laurent Kempé I believe ☺).

Dharman

Just ran into this (again), due to PFX cert not being included in the code, for security.

For local testing, like Debug builds, the lead programmer of this solution had me go into Properties, Signing, click on "Create Test Certificate". In our setting he said just click ok, but one can put in a strong password here if warranted/needed.

“Unable to find manifest signing certificate in the certificate store” - even when add new key

Follow WeChat

Want to stay one step ahead of the latest teleworks?

相似问题

Platform

Support

Links

Contact US