NuGet Warning NU3017

Scenario 1

Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The signing certificate is not yet valid.

Issue

The certificate used to sign the package has a validity in the future, but is not valid currently.

Solution

Please ensure that the signing certificate is currently valid.

Scenario 2

Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The primary signature's certificate is not yet valid.

Issue

The certificate used to sign the package has a validity in the future, but is not valid currently.

Solution

Please request the package author to re-sign the package using the nuget sign command as described in NuGet docs with a signing certificate which is currently valid.

Note

When NuGet’s signature validation mode is set to accept (default), NU3017 is raised as a warning. When NuGet’s signature validation mode is set to require, or when running the nuget verify -signatures command, NU3017 is elevated from a warning to an error.