Skip to content

clarified instructions for certificates stored in hardware #3276

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

clarified instructions for certificates stored in hardware #3276

wants to merge 3 commits into from

Conversation

@edoardo-kolver
Copy link

@edoardo-kolver edoardo-kolver commented Apr 4, 2024

The documentation says to export the certificate, but this introduces errors when the certificate is stored in a hardware token. You just need to specify the certificate fingerprint, no need to export. See issue dotnet/runtime#100414

@edoardo-kolver
clarified instructions for certificates stored in hardware
ccd1e10 
The documentation says to export the certificate, but this introduces errors when the certificate is stored in a hardware token. You just need to specify the certificate fingerprint, no need to export. See issue dotnet/runtime#100414
@edoardo-kolver edoardo-kolver requested review from a team as code owners April 4, 2024 22:42
@edoardo-kolver
Copy link
Author

edoardo-kolver commented Apr 4, 2024

@dotnet-policy-service agree company="Kolver"

@learn-build-service-prod
Copy link

learn-build-service-prod bot commented Apr 4, 2024

Learn Build status updates of commit ccd1e10:

✅ Validation status: passed

File Status Preview URL Details
docs/create-packages/Sign-a-Package.md ✅Succeeded View

For more details, please refer to the build report.

For any questions, please:

@edoardo-kolver edoardo-kolver mentioned this pull request Apr 4, 2024
Closed
teo-tsirpanis
teo-tsirpanis reviewed Apr 6, 2024
View reviewed changes
@edoardo-kolver @teo-tsirpanis
Update docs/create-packages/Sign-a-Package.md
9619cec 
better phrasing

Co-authored-by: Theodore Tsirpanis <teo@tsirpanis.gr>
@learn-build-service-prod
Copy link

learn-build-service-prod bot commented Apr 6, 2024

Learn Build status updates of commit 9619cec:

✅ Validation status: passed

File Status Preview URL Details
docs/create-packages/Sign-a-Package.md ✅Succeeded View

For more details, please refer to the build report.

For any questions, please:

@jebriede jebriede requested a review from dtivel October 1, 2024 22:35
@edoardo-kolver
Copy link
Author

edoardo-kolver commented Nov 1, 2025

Why isn't this merged already? It's a super simple but helpful documentation update

kartheekp-ms
kartheekp-ms reviewed Nov 10, 2025
View reviewed changes
@edoardo-kolver @kartheekp-ms
Update docs/create-packages/Sign-a-Package.md
027ee1d 
Starting with .NET 9 and NuGet.exe 6.12, NU3043 warning is raised when a SHA-1 certificate fingerprint is passed to the sign commands. SHA-1 is considered insecure and should no longer be used.

This warning is promoted to an error in the .NET 10 SDK, and will be promoted to an error in NuGet.exe around .NET 10's release.

Co-authored-by: Kartheek Penagamuri <52756182+kartheekp-ms@users.noreply.github.com>
@learn-build-service-prod
Copy link

learn-build-service-prod bot commented Nov 13, 2025

PoliCheck Scan Report

The following report lists PoliCheck issues in PR files. Before you merge the PR, you must fix all severity-1 and severity-2 issues. The AI Review Details column lists suggestions for either removing or replacing the terms. If you find a false positive result, mention it in a PR comment and include this text: #policheck-false-positive. This feedback helps reduce false positives in future scans.

✅ No issues found

More information about PoliCheck

Information: PoliCheck | Severity Guidance | Term
For any questions: Try searching the learn.microsoft.com contributor guides or post your question in the Learn support channel.

@learn-build-service-prod
Copy link

learn-build-service-prod bot commented Nov 13, 2025

Learn Build status updates of commit 027ee1d:

✅ Validation status: passed

File Status Preview URL Details
docs/create-packages/Sign-a-Package.md ✅Succeeded View

For more details, please refer to the build report.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kartheekp-ms kartheekp-ms kartheekp-ms left review comments

@dtivel dtivel Awaiting requested review from dtivel

+1 more reviewer

@teo-tsirpanis teo-tsirpanis teo-tsirpanis left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

@dtivel dtivel

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@edoardo-kolver @teo-tsirpanis @kartheekp-ms @dtivel