NuGet Warning NU3000

Tip

Use the verify command to view package signatures and timestamps.

Scenario 1

Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The primary signature does not have a timestamp.

Issue

The package has a primary signature which does not have a timestamp.

Solution

To enable long-term signature validity after the signature certificate has expired, please ensure that the package signature is timestamped.

Scenario 2

Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': Multiple timestamps are not accepted.

Issue

The package has a signature with multiple timestamps.

Solution

Please ensure that each package signature contains no more than 1 timestamp.

Scenario 3

Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The repository countersignature does not have a timestamp.

Issue

The package has a repository counter signature which does not have a timestamp.

Solution

For long term signature validity, please ensure that any package signature has a timestamp.