Reputation: 5745
Running tSQLt project from sources fails on the due to the Public Token mismatch
I'm trying to do some improvements for tSQLt framework and I'm mostly finish, but can't do that as few tests related to the certificate I wasn't touching are still failing:
[exec] |18|[InstallExternalAccessKeyTests].[test creates correct certificate in master] | 120|Failure|
[exec] |19|[InstallExternalAccessKeyTests].[test tSQLt can be set to EXTERNAL ACCESS after InstallExternalAccessKey executed] | 333|Failure|
[exec] |20|[InstallExternalAccessKeyTests].[test tSQLtExternalAccessKey install data is signed with same key as tSQLt.clr] | 10|Failure|
The failing error is:
Expected: %publickeytoken=8c9a92de0f9c7794,%
Actual: tsqltclr, version=1.0.7216.13228, culture=neutral, publickeytoken=8d3f4bf59e4c22fd, processorarchitecture=msil
I'll try to describe my installation process.
I installed this framework sources by using following guideline. However I couldn't start the project after that as it was failing with the following errors and the whole problem solving was done in that SO post:
[exec]
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Common.targets(2482,5): error MSB3325: Cannot import the following key file: tSQLtOfficialSigningKey.pfx. The key file may be password protected. To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_C20B79DE0583A5C1 [E:\Source\tSQLt\tSQLtCLR\tSQLtCLR\tSQLtCLR.csproj] [exec]
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Common.targets(2482,5): error MSB3321: Importing key file "tSQLtOfficialSigningKey.pfx" was canceled. [E:\Source\tSQLt\tSQLtCLR\tSQLtCLR\tSQLtCLR.csproj]
to pass this issue, I've created new keys for every project with no password:
I see that it created snk file, not as original pfx. After that I've tried to run the build again and it failed with the errors I mentioned above.
Upvotes: 9
Views: 296
Answers (1)
Reputation: 28403
As stated here
The following error may occur when building projects for Microsoft Visual Studio 2008 - 2015.
Error: Cannot import the following key file: mykey.pfx. The key file may be password protected.
Cannot import the following key file: mykey.pfx. The key file may be password protected. To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_C1D3ACB8FBF1AGK4
SOLUTION 1:
Click Start > All Programs > Microsoft Visual Studio >Visual Studio Tools > Visual Studio Command Prompt. Type the following command
sn -i "c:\Pathtofile\.pfx" VS_KEY_C1D3ACB8FBF1AGK4
Note: The sn.exe with the -i parameter, installs a key pair from into a key container named.Re-import the PFX file into Visual Studio.
SOLUTION 2:
Open Project Properties.
Click on the Signing section.
Where it says ‘Choose a strong name key file:’, re-select the current value from the drop-down box
Visual Studio will now prompt you for the password. Enter it. You might get another error message: ”An attempt was made to reference a token that does not exist” > You can simply ignore this message.
Click the ‘Change Password” button
Enter the original password in all three boxes and click OK. If you’d like to change
your password (or if your old password doesn’t meet complexity requirements), you can do so now.
Repeat for each key file in your project. Save your project and do a rebuild.
SOLUTION 3:
Get a copy of openssl for windows at slproweb.com or use a Linux box as they all pretty much have it. Run the following to export to a key file
openssl pkcs12 -in certfile.pfx -out backupcertfile.key
openssl pkcs12 -export -out certfiletosignwith.pfx -keysig -in backupcertfile.key
Then in the project properties you can use the PFX file
SOLUTION 4:
The final solution for this issue is to give up on Visual Studio for signing purpose and use Signtool instead.
Updated Answer
It seems that your TFS Build Service account has no required permission to access the signingKey.pfx on build agent machine. Make sure you have this file on build agent machine first.
Then follow below steps:
Log on the build agent as your local build service account (Better have Administrator permission)
Open a visual studio command prompt and navigate to the directory the key is stored in
Type command
sn –i signingKey.pfx VS_KEY_EFCA4C5B6DFD4B4F(Ensure that you use the key name appearing in the error message)When prompted for a password type the password for the pfx file
Then rebuild it
Note: If you are not running Visual Studio as an Administrator try doing that as well.
More details you can reference the answer from Brandon Manchester Cannot import the keyfile 'blah.pfx' - error 'The keyfile may be password protected'
Upvotes: 0
Related Questions
- Build error when signing with snk key
- Visual Studio 2019 TokenService.exe has failed with unexpected error: TS003: Error, TS004: Unable to get access token
- Cannot import the following key file: tSQLtOfficialSigningKey.pfx when running building tSLQt
- Implement tSQLt Framework with database which is part of TFS SQL Project
- Token-based server access validation failed with an infrastructure error
- TFS Build -Error CS1002: ; expected and Error CS1519 Invalid token
- Bearer Token Authentication not working in VSTS build
- tSQLt projects fail to build in Visual Studio 2012
- "PublicKeyToken <..> is not a valid extension type." Error?
- Could not find the type 'tSQLt.Private'