Edit

Share via


NuGet Warning NU3036

Scenario 1

Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The timestamp's generalized time is outside the timestamping certificate's validity period.

Issue

The timestamp's generalized time is outside the timestamping certificate's validity period.

Solution

Try to re-sign and timestamp the package. If the problem persists, contact the timestamp authority to discover the source of the problem.

Scenario 2

Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The primary signature's timestamp's generalized time is outside the timestamping certificate's validity period.

Issue

The certificate used to timestamp the package signature is invalid as the timestamp's generalized time is outside the timestamping certificate's validity period.

Solution

Request the package author to re-sign and timestamp the package using the nuget sign command as described in NuGet docs. If the problem persists, request the package author to contact the timestamp authority to discover the source of the problem.

Note

When running the nuget verify -signatures command, NU3036 is raised as an error. Otherwise, NU3036 is raised as a warning.