Edit

Share via

NuGet Warning NU3012

  • Article

Scenario 1

Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The primary signature validation failed.

Issue

NuGet client failed to verify the SignedCms signature present in the NuGet signature in the package.

Solution

You can get more details about the problem by looking at the debug logs. If the problem persists, then please file an issue at NuGet/Home along with the package that generated this problem.

Scenario 2

Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The primary signature found a chain building issue: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

Issue

NuGet client failed to verify the certificate chain for the signing certificate used to sign the package.

Solution

Please ensure that the package signature has a valid certificate chain. You can verify the package signature by running the nuget verify -signatures command on the package. If the problem persists, then please file an issue at NuGet/Home along with the package that generated this problem.

Note

When NuGet’s signature validation mode is set to accept (default), NU3012 is raised as a warning in most cases. When NuGet’s signature validation mode is set to require, or when running the nuget verify -signatures command, NU3012 is elevated from a warning to an error.