Having trouble with ClickOnce manifests and our build server.
We have a .p12 code signing certificate (which is the same as a .pfx). I can assign this certificate on a developer machine in:
Visual Studio->Project->Properties->Signing->Select from file, then
enter the password for the certificate.
Everything builds/publishes fine locally.
However when checking in all files to our TFS build server the automatic build generates this error:
Cannot import the following key file: . The key file may be password
protected. To correct this, try to import the certificate again or
import the certificate manually into the current user’s personal
certificate store.
Is there a way to pass in the password to the build definition so that the built assembly is signed?
Also each developer who does a ‘get latest’ currently needs to re-sign the assembly with the correct password each time, is there a better way?
Note:
- The build server does not have Visual Studio.
- I have tried manually importing the certificate, under the account that the build runs on, to the personal certificates folder.
This is what fixed my problem:
1 ) Logon as the TFS build controller account and install the certificates manually there.
2) With some older certificates there can be a problem with the root authorisation (chaining), in this case download the root certificate from your certificate issuer, and possibly an intermediate certificate.
3) Make sure the computer/virtual machine that is running the service “Visual Studio Team Foundation Build Service Host” is running under an account that has the certificates installed. In our case this is the same as the build controller account.