NuGet Warning NU3021
Scenario 1
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The primary signature's timestamp signature validation failed.
Issue
NuGet client failed to verify the SignedCms object inside the timestamp on the package signature.
Solution
Please request the package author to re-sign the package using the nuget sign command as described in NuGet docs. If the problem persists, request the package author to contact the Timestamp Authority to discover the source of the problem.
Scenario 2
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The timestamp signature validation failed.
Issue
The SignedCms object inside the timestamp on the package signature could not ve verified.
Solution
Please try to re-sign and timestamp the package. If the problem persists, contact the Timestamp Authority to discover the source of the problem.
Note
When running the nuget verify -signatures command, NU3021 is raised as an error. Otherwise, NU3021 is raised as a warning.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for