NuGet Error NU3001

Scenario 1

Invalid password was provided for the certificate file 'certificate.pfx'. Provide a valid password using the '-CertificatePassword' option.

Issue

A password protected certificate file was provided to the NuGet Sign operation. But an invalid or no password was provided.

Solution

If you are using a password protected certificate file to sign a NuGet package, then please use the -CertificatePassword option to pass the correct password.

Scenario 2

Certificate file 'certificate.pfx' not found. For a list of accepted ways to provide a certificate, visit https://docs.nuget.org/docs/reference/command-line-reference.

Issue

A certificate file was provided to the NuGet Sign operation. But the file does not exist on disk.

Solution

Please ensure that any certificate file being used to sign a NuGet package exists on disk.

Scenario 3

Certificate file 'random_file.txt' is invalid. For a list of accepted ways to provide a certificate, visit https://docs.nuget.org/docs/reference/command-line-reference.

Issue

A certificate file was provided to the NuGet Sign operation, but the file is not a valid certificate file.

Solution

Please ensure that any certificate file being used to sign a NuGet package is a valid certificate file.

Scenario 4

Multiple certificates were found that meet all the given criteria. Use the '-CertificateFingerprint' option with the hash of the desired certificate.

Issue

A certificate was suggested to the NuGet Sign command using the -CertificateSubjectName option. But multiple certificates were found to match the certificate subject name in the Windows certificate store.

Solution

Please pass the '-CertificateFingerprint' option with the hash of the desired certificate to the NuGet Sign command to uniquely identify a certificate.

Scenario 5

No certificates were found that meet all the given criteria. For a list of accepted ways to provide a certificate, visit https://docs.nuget.org/docs/reference/command-line-reference.

Issue

A certificate was suggested to the NuGet Sign command using the -CertificateSubjectName option. But no certificate was found to match the certificate subject name in the Windows certificate store.

Solution

Please ensure that you passing the right subject name filter, otherwise pass the '-CertificateFingerprint' option with the hash of the desired certificate to the NuGet Sign command to uniquely identify a certificate.

Scenario 6

The following certificate cannot be used for package signing as the private key provider is unsupported: Subject Name: CN=Certificate Subject Name
SHA1 hash: HASH
SHA256 hash: HASH
Issued by: Issuer Subject Name
Valid from: 4/9/2016 5:00:00 PM to 4/14/2020 5:00:00 AM

Issue

A certificate was passed to the NuGet Sign command which has an unsupported pribvate key provider.

Solution

Currently, due to framework limitations, NuGet sign command does not support CNG key private key provider. Please use a certificate with a CAPI private key provider.

Scenario 7

The package already contains a signature. Remove the existing signature before adding a new signature.

Issue

NuGet Sign command was used to sign a package which already has a package signature.

Solution

Please ensure that you are signing an unsigned package. If the package is already signed, then please use -Overwrite option to overwrite an existing signature.