How to fix "Referenced assembly does not have a strong name" error

Question

I've added a weakly named assembly to my Visual Studio 2005 project (which is strongly named). I'm now getting the error:

"Referenced assembly 'xxxxxxxx' does not have a strong name"

Do I need to sign this third-party assembly?

Answer 1

Signing the third-party assembly worked for me:

Referenced assembly does not have a strong name

I've learned that it's helpful to post steps in case the linked article is no longer valid. All credit goes to Hiren Khirsaria:

1. Run Visual Studio command prompt and go to directory where your DLL located.

   For example, my DLL is located in D:/hiren/Test.dll

2. Now create the CIL file using the command below.

   D:/hiren> ildasm /all /out=Test.il Test.dll (this command generates the code library)

3. Generate a new key to sign your project.

   D:/hiren> sn -k mykey.snk

4. Now sign your library using the ilasm command.

   D:/hiren> ilasm /dll /key=mykey.snk Test.il

Answer 2

I added NuGet package 'StrongNamer' and my problem solved.

Answer 3

First make sure all NuGet packages are at the same version across all projects in your solution. E.g., you don’t want one project to reference NLog 4.0.0.0 and another project to reference NLog 4.1.0.0. Then try reinstalling NuGet packages with

Update-Package -reinstall

I had three third-party assemblies that were referenced by my assembly A and only two were included in References by my assembly B which also referenced A.

The missing reference to the third-party assembly was added by the update package command, and the error went away.

Answer 4

Use ilmerge. ilmerge is from Microsoft, but it is not shipped with Visual Studio or the SDKs. You can download it from here though. There is also a GitHub repository. You can also install from NuGet:

PM> Install-Package ilmerge

To use:

ilmerge assembly.dll /keyfile:key.snk /out:assembly.dll /targetplatform:v4,C:\Windows\Microsoft.NET\Framework\v4.0.30319 /ndebug

If needed, you can generate your own keyfile using sn (from Visual Studio):

sn -k key.snk

Answer 5

I was running into this with a ServiceStack DLL file I had installed with NuGet. Turns out there was another set of DLL files available that were labeled signed. Not going to be the answer for everyone, but you may just need to check for an existing signed version of your assembly.

Answer 6

For me my issue was that I had two of the same NuGet packages installed with different versions.

Answer 7

I was searching for a solution to the very same problem and unticking "Sign the assembly" option works for me:

(As you may notice, the screenshot comes from Visual Studio 2010, but hopefully it will help someone.)

Answer 8

I have written a tool to automatically strong-name sign assemblies including ones you do not have the source code for or projects that have been abandoned. It uses many of the techniques described in the answers in a simple way without any of the flaws or drawbacks of existing tools or dated instructions.

.NET Assembly Strong-Name Signer

I hope this helps out anyone that need to sign a third-party assembly without having to jump through hoops to get there.

Answer 9

For me, the problem was a NuGet package without a strong name. The solution was to install StrongNamer from NuGet, which automatically adds a strong name to all referenced assemblies. Just simply having it referenced in the project fixed my issue.

Answer 10

Expand the project file that is using the project that does not "have a strong name key" and look for the .snk file (.StrongNameKey).

Browse through to this file in Windows Explorer (just so that you know where it is).

Back in Visual Studio in the project that does not "have a strong name key", do

• Right click on the project file
• Select Properties
• Select "Signing tab" (on the left)
• Click the check box "Sign the assembly"
• Then <Browse> to the .snk file you found earlier

That should do the trick. This solved a problem for me for one project using a form inside another project in the same solution.

I hope it helps.

Answer 11

Situation: You had project A,B,C,D in solution X,Y

Project A, B, C in X Project A, C, D in Y

I need use project C in project A, but later i dont use. In bin Debug project A had C.dll.

If I compile solution X, all good ( in this solution i delete reference A -> C. ), but in solution Y I get this problem.

Solution is delete C.dll in project A bin Debug

Answer 12

To avoid this error you could either:

• Load the assembly dynamically, or
• Sign the third-party assembly.

You will find instructions on signing third-party assemblies in .NET-fu: Signing an Unsigned Assembly (Without Delay Signing).

Signing Third-Party Assemblies

The basic principle to sign a thirp-party is to

1. Disassemble the assembly using ildasm.exe and save the intermediate language (IL):

   ildasm /all /out=thirdPartyLib.il thirdPartyLib.dll 
   

2. Rebuild and sign the assembly:

   ilasm /dll /key=myKey.snk thirdPartyLib.il
   

Fixing Additional References

The above steps work fine unless your third-party assembly (A.dll) references another library (B.dll) which also has to be signed. You can disassemble, rebuild and sign both A.dll and B.dll using the commands above, but at runtime, loading of B.dll will fail because A.dll was originally built with a reference to the unsigned version of B.dll.

The fix to this issue is to patch the IL file generated in step 1 above. You will need to add the public key token of B.dll to the reference. You get this token by calling

sn -Tp B.dll 

which will give you the following output:

Microsoft (R) .NET Framework Strong Name Utility  Version 4.0.30319.33440
Copyright (c) Microsoft Corporation.  All rights reserved.

Public key (hash algorithm: sha1):
002400000480000094000000060200000024000052534131000400000100010093d86f6656eed3
b62780466e6ba30fd15d69a3918e4bbd75d3e9ca8baa5641955c86251ce1e5a83857c7f49288eb
4a0093b20aa9c7faae5184770108d9515905ddd82222514921fa81fff2ea565ae0e98cf66d3758
cb8b22c8efd729821518a76427b7ca1c979caa2d78404da3d44592badc194d05bfdd29b9b8120c
78effe92

Public key token is a8a7ed7203d87bc9

The last line contains the public key token. You then have to search the IL of A.dll for the reference to B.dll and add the token as follows:

.assembly extern /*23000003*/ MyAssemblyName
{
  .publickeytoken = (A8 A7 ED 72 03 D8 7B C9 )                         
  .ver 10:0:0:0
}

Answer 13

Removing the "Sign the assembly" check mark under the "Signing" tab works as @Michal Stefanow said.

Add here is the simplest way to sign your own files and/or other people's files. You just need to add this line under the "Post-build event command line":

"C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\bin\signtool.exe" sign /f "$(ProjectDir)\YourPfxFileNameHere.pfx" /p YourPfxFilePasswordHere /d "Your software title here" /du http://www.yourWebsiteHere.com /t http://timestamp.verisign.com/scripts/timstamp.dll /v "$(BaseOutputPath)$(TargetFileName)"

You can sign other people's files or your own files and as many as you want.

Answer 14

You can use unsigned assemblies if your assembly is also unsigned.

Answer 15

How to sign an unsigned third-party assembly

1. Open up Developer Command Prompt for Visual Studio. This tool is available in your Window programs and can be found using the default Windows search.
2. Ensure your prompt has access to the following tools by executing them once: sn ildasm and ilasm
3. Navigate to the folder where your Cool.Library.dll is located
4. sn –k Cool.Library.snk to create a new key pair
5. ildasm Cool.Library.dll /out:Cool.Library.il to disassemble the library
6. move Cool.Library.dll Cool.Library.unsigned.dll to keep the original library as a back-up
7. ilasm Cool.Library.il /dll /resource=Cool.Library.res /key=Cool.Library.snk to reassemble the library with a strong name
8. powershell -command "& {[System.Reflection.AssemblyName]::GetAssemblyName($args).FullName} Cool.Library.dll" to get the assembly fully qualified name. You will need this bit if you have to reference the DLL in external configuration files like web.config or app.config.

Answer 16

I had this issue for an app that was strongly named then had to change it in order to reference a non-strongly named assembly, so I unchecked 'Sign the assembly' in the project properties Signing section but it still complained. I figured it had to be an artifact somewhere causing the problem since I did everything else correctly and it was just that. I found and removed the line: [assembly: AssemblyKeyFile("yourkeyfilename.snk")] from its assemblyInfo.cs file. Then no build complaints after that.