I have .pfx certificate which is self signed. I’ve signed the ClickOnce manifest of my VSTO (Excel Add-In project type in Visual Studio) project. Recently we have migrated the application from .Net 3.5 to 4.5 and Office 2007 to 2010 since then project (that used to work) and now it gives me an error:
An error occurred while signing: Unknown error «-2147012894»
SignTool Error: An unexpected internal error has occurred
The certificate is perfectly valid and not expired
Anyone had this kind of error before? Any suggestions?
omegastripes
12.3k4 gold badges43 silver badges91 bronze badges
asked Jul 18, 2016 at 19:16
2
Try creating a new certificate.
Look at the «Signing» section under the project’s properties.
In my case, my MSB3482 error occurred because my certificate had indeed expired. I clicked the button called «Create Test Certificate» and I was able to build and run again. (At least for another year)
answered Feb 16, 2018 at 17:18
Mikhael LooMikhael Loo
5415 silver badges10 bronze badges
0
Go to Project properties > Signing > Uncheck «Sign the ClickOnce manifests» to run your code
answered Dec 22, 2018 at 7:24
0
| title | description | ms.date | ms.topic | f1_keywords | dev_langs | author | ms.author | manager | ms.technology | ms.workload | ||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
MSB3482: An error occurred while signing |
This error occurs when MSBuild encounters an error while trying to sign an output file. |
08/15/2022 |
error-reference |
|
|
ghogen |
ghogen |
jmartens |
msbuild |
multiple |
This error occurs when MSBuild encounters an error while trying to sign an output file when running the SignFile task.
The message resembles the following, but this text is followed by additional information from the signing tool:
MSB3482: An error occurred while signing:
Check that the sign file exists.
Make sure the signing tool is installed; it’s installed with Visual Studio. Look to the additional information provided by the signing tool to see more about what happened.
If the thumbprint is invalid, it will trigger a cryptographic error, and you might see this error. Check the string value given as the CertificateThumbprint parameter to the SignFile task. The certificate thumbprint is the SHA-1 hash of the certificate. For more information, see Obtain the SHA-1 hash of a trusted root CA certificate. If you copy and paste the thumbprint from the certificate details, make sure you do not include the extra (3F) invisible character, which may prevent SignFile from finding the certificate.
Test certificates expire after a period of time. You might have to create a new one. See How to: Sign application and deployment manifests or for newer .NET projects in Visual Studio 2019 or later, see Deploy a .NET Windows Desktop application using ClickOnce.
When running in a non-interactive environment, such as a script in a pipeline, you can create a certificate by using the command-line tool certutil.
certutil –f –p [certificate_password] –importpfx <path to pfx file>
- Remove From My Forums
-
Question
-
I have a Windows 10 System with VS 2019 installed. I am using a .Net Standard 2.0 project. I have installed a certificate (pfx) and I can see it using certmgr.msc. I have a custom target with a SignFile task, with the following markup.
<Target Name="SignFile" AfterTargets="Build"> <ItemGroup> <FileToSign Include="Source.ps1" /> </ItemGroup> <Message Importance="High" Text="Signing Source.ps1 with Certificate Thumbprint..." /> <SignFile CertificateThumbprint="MyCertTP" SigningTarget="@(FileToSign)" TargetFrameworkVersion="v4.5" /> </Target>But I am getting an error on build «An error occurred while signing. Data at the root level is invalid. Line 1 Position 1.». I followed the link https://docs.microsoft.com/en-us/visualstudio/msbuild/signfile-task?view=vs-2019
The error is occuring at the SignFile line.
Note: MyCertTP carries the correct thumbprint which cannot be exposed.
Ven
-
Edited by
Friday, June 12, 2020 5:57 PM
-
Edited by
Answers
-
-
Proposed as answer by
Dylan Zhu-MSFTMicrosoft contingent staff
Tuesday, June 16, 2020 6:58 AM -
Marked as answer by
Venh
Tuesday, June 16, 2020 7:18 AM
-
Proposed as answer by
- Remove From My Forums
-
Question
-
Can anyone offer a solution for the following error which occurs when trying to Build Solution :-
error MSB3482: An error occurred while signing: Failed to sign binReleaseapp.publishDrawShapes.exe. SignTool Error: No certificates were found that met all the given criteria.
========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========
Answers
-
This means that your Build task was configured to include a call to SignTool.exe to sign the executable DrawShapes.exe. When you invoke SignTool, you need to supply a series of parameters to tell it which certificate it should use for signing. The most
simple is «SignTool sign /a file.exe» which means «use the most adequate certificate» (and it could fail if there is no adequate certificate), but you can also choose a specific certificate in other ways such as selecting the certificate
store and the hash of the certificate. The error that you are seeing means that SignTool was unable to find in the machine where it is running a certificate that matches the requirements that you indicated in the command line to SignTool. You should review
the build configuration and fix the arguments that it is passing to SignTool.-
Proposed as answer by
Monday, August 1, 2016 9:29 AM
-
Marked as answer by
Danny van DamMVP, Editor
Monday, August 1, 2016 9:29 AM
-
Proposed as answer by
I have .pfx certificate which is self signed. I’ve signed the ClickOnce manifest of my VSTO (Excel Add-In project type in Visual Studio) project. Recently we have migrated the application from .Net 3.5 to 4.5 and Office 2007 to 2010 since then project (that used to work) and now it gives me an error:
An error occurred while signing: Unknown error «-2147012894»
SignTool Error: An unexpected internal error has occurred
The certificate is perfectly valid and not expired
Anyone had this kind of error before? Any suggestions?
I’d love an answer to this, since I’m having a similar problem. We updated our code signing certificate, and now I can build in VS 2012 but not if I use MSBUILD.EXE which is what the build process uses.
– gakera
2 Answers
Try creating a new certificate.
Look at the «Signing» section under the project’s properties.
In my case, my MSB3482 error occurred because my certificate had indeed expired. I clicked the button called «Create Test Certificate» and I was able to build and run again. (At least for another year)
Go to Project properties > Signing > Uncheck «Sign the ClickOnce manifests» to run your code
-
.NET
-
Syntax Specific
-
Visual Basic .NET
You should upgrade or use an alternative browser.
I keep getting a MSBuild Error MSB3482
-
Thread starterandrewspc825
-
Start dateFeb 29, 2020
andrewspc825
-
#1
how do I fixs this
Severity Code Description Project File Line Suppression State
Error An error occurred while signing: Failed to sign binDebugapp.publishTest.exe. SignTool Error: The signer’s certificate is not valid for signing.
SignTool Error: An error occurred while attempting to sign: binDebugapp.publishTest.exe Test
Please Help Thank You
Continue reading…
-
.NET
-
Syntax Specific
-
Visual Basic .NET
-
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
For the past 22 months, we’ve been publishing using ClickOnce to the same path, using the same certificate, with no problems. This week, problems found us:
C:WindowsMicrosoft.NETFrameworkv3.5Microsoft.Common.targets (3652,9): error MSB3482: An error occurred while signing: Failed to sign . SignTool Error: The signer’s certificate is not valid for signing. SignTool Error: An error occurred while attempting to sign:
The usual problem here is an expired certificate, but the certificate we’re using was created in December 2010 and expired in year 2039, so we knew expiration wasn’t a problem. The certificate file itself was also known to be valid; it was stored in our Subversion repository and hadn’t changed since the day it was created.
We called Microsoft (free support using our MSDN subscription). We spent about four hours working with them, creating test certificates, creating new certificates, trying to publish, with mixed and inconsistent results. We were told to use a new certificate because our current certificate was deemed corrupt. (When I asked what corrupt means, I was told it means the certificate file is bad. When I said that the MD5 hash of the certificate file was identical to the MD5 hash of the file created nearly two years ago and that it was stored in source control, I was told it was “bad” not corrupt. Semantics. Whatever.)
I seem to have fixed the problem this morning. It wasn’t the certificate. It wasn’t the path. Frankly, I don’t know what it is. I only know what steps I took before the point in which everything started publishing normally, as it had for the past 22 months.
Here’s what I did: I verified that every project in the solution has the same target platform (x86), .Net Framework version (3.5), and correct assembly information (some had default copyright information, some had autogenerated version numbers where we expected 1.0.0.0). After doing that and rebuilding, the ClickOnce publish worked as it did before, with the same old certificate, and clients behaved as expected (upgrading according to ClickOnce settings).
It makes no sense, because none of those settings were changed from our last good ClickOnce publish. Either way, it fixed the problem. Hopefully, it’ll help fix yours, if and when this annoying problem comes up.