NuGet Warning NU3009

Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The package signature file does not contain exactly one primary signature.

Issue

NuGet client tried to verify a package signature which contained multiple SignerInfo fields.

Solution

Please request the package author to re-sign the package using the nuget sign command as described in NuGet docs. If the problem persists, then please file an issue at NuGet/Home along with the package that generated this problem.

Note

When NuGet’s signature validation mode is set to accept (default), NU3009 is raised as a warning. When NuGet’s signature validation mode is set to require, or when running the nuget verify -signatures command, NU3009 is elevated from a warning to an error.