Open sampsonye opened 3 years ago
I opened https://github.com/NuGet/Home/issues/10491 for this
Same issue. Working directly on debian. Tried to add signatureValidationMode to accept. Added microsoft news certificate fingerprints as trustedSigners. Added mozilla/VeriSign_Universal_Root_Certification_Authority to ca-certificate chain and updated ca-certificates. Nothing worked!
The error message NU3028: The author primary signature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain means that NuGet cannot verify the signature of the package that you are trying to install. This can happen for a few reasons:
The package is not signed with a trusted certificate. The certificate that is used to sign the package has expired or been revoked. The certificate chain for the package is not complete. To resolve this error, you can try the following:
Make sure that you are using the latest version of NuGet. Make sure that you have the latest version of the certificate chain for the package that you are trying to install. You can usually find this information on the package's website or in the package's README file. Try installing the package from a different source, such as the NuGet Gallery or the package's website. If you are still having trouble, you can try disabling certificate revocation checking. To do this, set the NUGET_DisableCertificateRevocationCheck environment variable to true. Important: Disabling certificate revocation checking is not recommended, as it can allow you to install packages that are not trusted. You should only disable certificate revocation checking if you are absolutely sure that you trust the package that you are trying to install.
this error happen in this docker repo: mcr.microsoft.com/dotnet/sdk