Develop Reference

Cannot import pfx key file - Visual studio 2019

I have a VSTO add-in which I'm migrating from VS2010 to visual studio 2019. However, I forgot the password to mypfx key attached to the main project of the solution.
I'm now trying to create a new one and import it into my project to replace the old key which I can't use anymore. I've tried subsequent steps indicated on stackoverflow and other sites, but I keep getting the following build error in VS2019:
Cannot import the following key file: newtest.pfx. The key file may be password protected.
To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_10580C0D68F0E891 <project name>
However, that's exactly what I'm trying. First, I create a new certificate as indicated here:
New-SelfSignedCertificate -DnsName "somename" -CertStoreLocation "cert:\LocalMachine\My"
Then I export it :
$CertPassword = ConvertTo-SecureString -String “somepass” -Force –AsPlainText
Export-PfxCertificate -Cert cert:\LocalMachine\My\<somethumbprint> -FilePath <path>/newtest.pfx -Password $CertPassword
Final step, as in this question is to use sn.exe with the following command:
sn -i sg newtest.pfx VS_KEY_XXXXXXXXXXXX
The command runs successfully, but when I restart vs2019 again and open the add-in solution, the samen error pops up again. What can I do?
EDIT
Also, I cannot uncheck the "sign clickonce manifest" checkbox in Project > Properties > Signing. THis means that the Select from store option as mentioned in the answer below is unavailable.
I have moved this project to another computer, could that be the cause?
A bit stuck here.

I had the exact same problem a few weeks ago. What helped in my case is that I created the certificate just like you (placed in the Personal Certificate Store), then instead of the command line tools I used the Signing menu in Visual Studio 2019 to import the cert.
Right Click on the Project, then Properties, then Signing. Enable Sign the ClickOnce manifest and Select from Store to use the newly created certificate.

SSIS Visual Studios 2019 . Oracle Connection . Manual package execution via DTExec

Problem: Hi SO community. Trying to execute a VS_2019 package that I can execute while in BIDS. Ran though all the specs including converting the package to
1) Package deployment mode
2) Converted the package to run in 32-bit mode
3) Finally, creating a config file to store the Oracle server credentials in
using this url: https://www.sqlservercentral.com/articles/how-to-execute-an-ssis-package-from-the-command-line-or-a-batch-file
4) Build the project no issues ; i.e. zero erros.
What I have tried:
"C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Binn\DTExec.exe" /file "C:\Users\name\Desktop\SSIS_Local\JDA_Test\bin\Development\OrderAccuracy.dtsx" /config "C:\Users\name\Desktop\SSIS_Local\JDA_Test\JDA_PackageDeployment_Config.dtsConfig"
AND
"C:\Program Files\Microsoft SQL Server\150\DTS\Binn\DTExec.exe" /file "C:\Users\name\Desktop\SSIS_Local\JDA_Test\bin\Development\OrderAccuracy.dtsx" /config "C:\Users\name\Desktop\SSIS_Local\JDA_Test\JDA_PackageDeployment_Config.dtsConfig"
and both give me the error: The SSIS runtime version 15.0.2000.5 is too low for this Oracle connector. Please install a newer version of SSIS (later than SQL Server 2019 RTM).
End Error
Finally: internals of config file are:
SERVER=0.0.025.183:1521/DB;USERNAME=PB;WINAUTH=0;data source=0.0.225.183:1521/db;user id=pb;password=kuttp8x2bRRE;
So any help or direction would be great. Please feel free to ask any further questions.
I'm NOT even connecting to a SQL Server 2019. My source is Oracle. And my destination is going to be a flat file. This data will go into Snowflake database. But ETL tool used to connect to Oracle is SSIS.

Solution was to install the latest SQL Server 2019 update located here:
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F4548597%2Fcumulative-update-4-for-sql-server-2019&data=02%7C01%7Cv-sagkal%40microsoft.com%7C69a0e5d79ceb4ae3e20608d7daec4509%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637218580624686059&sdata=4avejidj69V2tJoQ5CWAaqIX9SCaHohWD%2F4we5hEGsg%3D&reserved=0
Package now runs with both 32-bit and 64-bit DTSExec versions. Password for source is stored in a config file and solution is on 'package deployment mode' .
Solution for anyone who runs into this issue in future.

Oracle ODAC 18.3 for Windows Server 2019 Installation Errors

I am trying to install Oracle ODAC 18.3 on a Windows Server 2019 Standard so that I can create a data source connection to an Oracle database from a SQL Server 2019 instance, either by using Polybase or a Linked Server connection. The only components that I need installed are the Oracle Provider for OLE DB and Oracle Provider for OLE DB for OLAP. During the Perform Prerequisite Checks stage of the install, there are errors.
The errors are as follows:
PRVG-1901 : failed to setup CVU remote execution framework directory "C:\Users\[username]\AppData\Local\Temp\CVU_18.0.0.0.0_[username]\ on nodes ""
Please select a different work area for the framework
[hostname] : PRKN-1014 : Failed to execute remote command "C:\Users\[username]\AppData\Local\Temp\CVU_18.0.0.0.0_[username]\\exectask.exe" on node "[hostname]". Failed during connecting to service
[hostname] : Failed during connecting to service
Notes regarding error message above. [username] refers to my username that I am logging in with to Windows. It is an Active Directory account. [hostname] refers to the computer name that I am trying to install ODAC on. Also, I have tried installing this a few different times, all with the same error messages. On the second and third time installing I verified that during the installation the
C:\Users\[username]\AppData\Local\Temp\CVU_18.0.0.0.0_[username]\ directory is getting created, so this should not be a permissions issue.
In the PRKN-1014 error message, I did notice that there is an extra backslash in the path, CVU_18.0.0.0.0_\[username]\\exectask.exe, so my suspicion is that there is an issue with the installer not being able to identify the correct path to find the exectask.exe. If I traverse to the
C:\Users\[username]\AppData\Local\Temp\CVU_18.0.0.0.0_[username]\ directory I indeed find the exectask.exe file.
I have found a few different solutions online for others that worked for them, but none have worked for me. One solution was to add in the System Environment Variables the _JAVA_OPTIONS variable with a value of -Xmx512M. A second solution was to change the Environment Variables user variables TEMP and TMP to C:\TEMP. Neither of these worked and resulted in the exact same errors. I did in fact confirm that the Oracle Universal Installer extracted the files to the C:\TEMP directory.
Any and all suggestions would be very much appreciated!

I wasn't able to get the Oracle "Universal" Installer to work, like you. However, I was able to install the Oracle Provider for OLE DB and Oracle Provider for OLE DB for OLAP (same as you were trying to get) using the ODAC Xcopy installer.
I downloaded the ODAC Xcopy installer from here:
https://www.oracle.com/database/technologies/dotnet-odacdeploy-downloads.html
After downloading the installer, I ran the install batch file to install those two components. An extra undocumented step is that you must update the PATH environment variable on your system to include your install location and bin folder. In my case, "C:\Oracle" and "C:\Oracle\Bin".

MSB3481 Certificate Error

I have a build server on window 2008 R2. I am running CruiseControl.net using msbuil 3.5. I know for a fact that the certificate is installed and the thumbprint is correct. I did look into this SO question MSBuild SignFile task returning MSB3481: The signing certificate could not be located and tried that solution but didn't work. From the msbuild script the error is thrown on the code line below. I am not sure if there is anything specific to window 2008 R2.
<SignFile CertificateThumbprint="$(CertThumbprint)"
SigningTarget="#(%(ManifestItems.DeployManifestOutput))"/>

Found out during the install for the original pfx certificate file on window 2008 R2, one of the values default to prompt for password. In my scenario the original pfx certificate file doesn't have a password but windows still prompt for a password entry. During the MSBuild execution on the build server the password prompt, which causes it to hang since no response to the prompt is made.
A few ways to go about this is to supply an empty password through the assembly manifest in MSBuild script or during the pfx certificate install to opt out to prompt for password.

Cannot import the following key file error when importing pfx

I researched this question thoroughly on stackoverflow and I have seen numerous answers but none of them have worked for us yet. We recently bought a code signing certificate from comodo that we are going to use to sign our c# WPF .net4 application. We have followed the instructions on the following URL
and have then imported the certificate in visual studio under 'project properties->singing->sign the assembly'. We then try to build the project and get the following error:
Cannot import the following key file: comodo.pfx. The key file may be password protected. To correct this, try to import the certificate again manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_xxxxxxxxxxxxxxx.
We have found numerous solutions on the internet and have tried the following:
Click on Change Password and use the same password in all 3 places
sn -i [comodo].pfx VS_KEY_xxxxxxxxxxxxx
tried converting it to password-less snk file and use that instead of .pfx
Tried running visual studio as admin and importing key
Tried creating very simple barebones project and signing with that
Tried visual studio 2010 as well as 2012
We tried adding the following to the assembly [assembly: AssemblyKeyFile("path to key file")]
Added event in postbuild "C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Bin\signtool.exe" sign /f "$(ProjectDir)[keyfile].pfx" /p [thepassword] /v "$(ProjectDir)obj\Release\$(TargetFileName)"
Added in a section in the .csproj file:
Downloaded http://visualstudiogallery.msdn.microsoft.com/a83505c6-77b3-44a6-b53b-73d77cba84c8 and clicked 'Apply Fix' on the error
We have had no success thus far. We can import the key just fine using the password so we know the password is correct. We also know that this works fine for signing the manifest in a clickonce publish. Just to make sure we weren't having any other issues, we turned off the cilckonce signing and are just trying to sign the assembly.

You can simply open "Project > Property > Signing" and uncheck the "Sign the ClickOnce manifests" checkbox.

I have learned that Visual Studio doesn't seem to handle subordinate certificates very well. I tried several certs on multiple machines (different OS/VS combinations) with the same results. I finally found this as a workaround:
Sign the assembly with
signtool sign /f "[path to pfx]" /p [password] /v "[path to assembly]"
Build your installer with mageUI (see "Manually Deploying a ClickOnce Application")
The issue with Visual Studio seems to be that it does not like certificate chaining. This you can solve by importing/exporting the certificate without the chaining. The next issue is addressed by using the certutil and export with the AT_SIGNATURE. I was able to import it into VS and build, however it doesn't seem to sign the assembly.

I got similar error. Solved it by choosing Install PFX from a context menu in Windows Explorer.

Another 'worked for me' ...
Right-clicked on the PFX in Windows Explorer, chose 'Install PFX' and in the wizard supplied the password. Then in the project properties in VS, under 'Signing' chose 'Change Password' and re-entered the password. Prior to this only running VS as administrator would work.

Best solution I can think of is go to Project --> Properties --> Choose a strong name key file dropdown and select "New" --> Create the key and then go to Certificate section on top --> click Select from File and choose the new Key you created --> Build Solution --> Publish.

For me following worked,
First Install certificate by double clicking on it. then,
Project Properties -> Signing -> If 'Sign the ClickOnce manifests' is checked -> click on 'Select from file' and select .pfx file and it should show all the certificate valid details like Issued to, Issued By, Intended Purpose etc.

I had the same issue. I am building the application from a thumb drive on numerous computers and believe this is the cause.
I found success with the "sn -i [comodo].pfx VS_KEY_xxxxxxxxxxxxx" method.
I did the following steps:
Run "Developer Command Prompt" as administrator (found in Start->All Programs->Visual Studio->Tools)
Navigate to your key directory (for me this was the root of my project directory, not the solution directory)
Execute "sn -i mykey.pfx VS_KEY_xxxxxxxxxxxxx" (mykey.pfx and VS_KEY_xxxxxxxxxxxxx are both found in the build error message)
Enter the password if required
When I tried this without running "Developer Command Prompt" as an administrator, I get the help display text when running "sn -i mykey.pfx VS_KEY_xxxxxxxxxxxxx" and it does not work. The trick was to make sure I ran the develop prompt as an administrator.
For context, I am using VS Community 2013.5, Window 7 x64 Professional, and NET Framework 4.7

Navigate to Project Properties --> Signing
Please select corresponding *.pfx file from drop down.
Enter the previous password used for code signing. (password: ask the person who has signed the assembly and created the self signed certificates and code signed)
(optional) It automatically adds your certificate as trusted. It can
be seen using Management console window ( run MMC command and add
certificate add-snaps to see the certificate)