NuGet Error NU3004
Scenario 1
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The package is not signed.
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': signatureValidationMode is set to require, so packages are allowed only if signed by trusted signers; however, this package is unsigned.
Issue
If from nuget verify -signatures
NuGet client tried to verify an unsigned package.
If from restore or install when specifying signatureValidationMode to require
The require validation mode does not support unsigned package and an unsigned package is trying to be installed.
Solution
Please ensure that any package intended to be installed or passed to nuget verify -signatures command contains a package signature.
Scenario 2
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': This repository indicated that all its packages are repository signed; however, this package is unsigned.
Issue
The repository indicated that all its packages are repository signed. However, an unsigned package was downloaded.
Solution
Warning
This error may happen due to a bug when using multiple NuGet clients (see NuGet/Home#7997). Please upgrade to nuget.exe 5.1.0 or newer, Visual Studio 2019 16.1 or newer, and .NET SDK 2.1.70X or 2.2.30X or newer.
You can check if a package is signed using the dotnet nuget verify or nuget verify commands. If the package is unsigned, please contact the package source as this is unexpected.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for