TechQA.

Error MSB3325: Cannot import the following key file

838 views Asked by At

I have a project hosted in Azure DevOps and there the build is failing with the error message:

Error MSB3325: Cannot import the following key file: xxxx.pfx. The key file may be password protected. To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_xxxx

This happens after a project has been changed to sign the assembly with a newly generated password protected pfx signing certificate.

I have tried various fixes given in other SO posts and nothing seems to work.

Can anyone with azure-devops expertise help me with this situation.

msbuild azure-devops assembly-signing
Original Q&A
2

There are 2 answers

2
Leo Liu On

Error MSB3325: Cannot import the following key file

You can create a PowerShell script and add a PowerShell Script step in your build definition to import the new certificate file before the VSBuild step:

The PowerShell script I used to use:

$pfxpath = 'pathtoees.pfx'
$password = 'password'

Add-Type -AssemblyName System.Security
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$cert.Import($pfxpath, $password, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]"PersistKeySet")
$store = new-object system.security.cryptography.X509Certificates.X509Store -argumentlist "MY", CurrentUser
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]"ReadWrite")
$store.Add($cert)
$store.Close()

And it works fine on my side.

You can check the similar thread for some more details.

Hope this helps.

1
Dan On

You can use the SnInstallPfx.exe and add this in your pipeline as a powershell task

- task: PowerShell@2
  env:
    SN_INSTALL_PFX: $(snInstallPfx.secureFilePath)
    MYCERTIFICATE_PFX: $(myCertificatePfx.secureFilePath)
    MYCERTIFICATE_PFX_PASSWORD: $(myCertificatePfxPassword)
  inputs:
    targetType: 'inline'
    script: '&"$($ENV:SN_INSTALL_PFX)" "$($ENV:MYCERTIFICATE_PFX)" "$($ENV:MYCERTIFICATE_PFX_PASSWORD)"'

The pfx, exe and password are stored in the Pipeline library as secure files and variables.

For more information, see the following blog article.

Related Questions in MSBUILD

Related Questions in AZURE-DEVOPS

Related Questions in ASSEMBLY-SIGNING

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions