stackoom
  简体   繁体   中英

Getting a "No certificates were found" error in an Azure release pipeline

 原文  2021-05-10 21:04:23       azure/ azure-devops

Question

I'm working on migrating a TFS build/release to Azure DevOps Services (ADS) for a WPF app. The build works fine, but I'm having problems with the release. This is the first ADS release I've ever worked on.

The original TFS build/release was done by a colleague who's since moved on. He used a PowerShell script to sign the ClickOnce manifest in the TFS release.

I'm getting an error I searched here here on Stack Overflow, Signtool error: No certificates were found that met all given criteria with a Windows Store App?

Looking through the answers to the posted, one of the answers is to clear the checkbox for the project's properties, "Sign the ClickOnce manifests". I've looked and discovered that checkbox isn't checked. I don't believe this is the cause of the error. And the PowerShell script my colleague wrote signed the manifest anyway. We need all manifests signed.

My colleague got a certificate from a signing authority. It is valid until sometime in 2022, so it hasn't expired.

I took the certificate off the server it was on and put it into this project's Pipeline | Library | Secure Files location in ADS. I'm using the Code Signing marketplace extension to sign the manifest. Here's the task in the ADS release pipeline:

steps:
- task: stefankert.codesigning.codesigning-task.codesigning@2
  displayName: 'Code Signing '
  inputs:
    secureFileId: 'DER Encoded Binary.cer'
    signCertPassword: '$(signingCert.securePassword)'
    files: '**/*.manifest'
    timeServer: 'http://timestamp.comodoca.com'
    description: 'ACDC ClickOnce'

I created a variable group in the Pipeline Library. The signingCert.securePassword is the name of one of the variable that has the password for the certificate.

The error suggests to me that the pipeline can't find the file "DER Encoded Binary.cer" in the library | Secure Files. What am I doing wrong?

Addendum:

Looking at the log of the task closer, I see that it's finding the manifest file. Here's the line where it's using the signtool.exe:

[command]D:\a_tasks\codesigning_0e0f3bf7-d96c-45d6-aa76-f9afb71fb77e\2.2.0\signtool.exe sign /fd SHA256 /t http://timestamp.comodoca.com /f "D:\a_temp\DER Encoded Binary.cer" /p *** /d "ACDC ClickOnce" D:\a\r1\a_ACDC\drop\ACDC\bin\Release\ACDC.exe.manifest

1 answers

solution1
 1 ACCPTED  2022-03-29 17:49:04

I think the "secureFileId" refers to the GUID of the secure file. If you click on the secure file, it will navigate you to a url to alter and view the settings of the secure file. In the URL, you'll notice the GUID. Something like: http://MyServer:8080/tfs/YourProjectCollection/YourProject/_library?itemType=SecureFiles&view=SecureFileView&secureFileId= abcd1234-12ab-01a1-ab12-9d1c827a4 &path=YourSecureFile.pfx

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Error in release pipeline : Container path not found Azure Bicep in DevOps release pipeline Azure build pipeline and release pipeline nodejs Azure pipeline Release pipeline: ARM Template deployment: Resource Group scope fails with ,,Error code: DeploymentFailed" Azure DevOps Release Pipeline - Allowing branch selection at release time Azure devOps multi stage pipeline release status response Multiple schedules in Azure Devops Release Pipeline for different branches Report Code Coverage in Azure Pipeline for SonarQube not found Set Azure devops Release pipeline variable using REST API Azure DevOps - React App - Set Environment Variables in Release Pipeline
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM