I've got an Excel add-in project that was created a couple years back in Visual Studio 2008. It's got some changes to be made so I've upgraded to Visual Studio 2010 (the only IDE I am able to use). Not sure if this is causing the problem but it's background information.
When I check out the code and compile it I get the error, "Error 1 Unable to find manifest signing certificate in the certificate store."
Can anyone tell me what this means and how to fix it?
You need to re-add that certificate to your machine or chose another certificate.
To choose another certificate or to recreate one, head over to the Project's properties page, click on Signing tab and either
Click on Select from store
Click on Select from file
Click on Create test certificate
Once either of these is done, you should be able to build it again.
I found this solution which solved the problem for me: Removing all entries in your *.csproj that fall into:
<manifestcertificatethumbprint>...</manifestcertificatethumbprint>
<manifestkeyfile>...</manifestkeyfile>
<generatemanifests>...</generatemanifests>
<signmanifests>...</signmanifests>
A quick solution to get me going was to uncheck the "Sign the ClickOnce manifests" in: Project -> (project name)Properties -> Signing Tab
When the project was originally created, the click-once signing certificate was added on the signing tab of the project's properties. This signs the click-once manifest when you build it. Between then and now, that certificate is no longer available. Either this wasn't the machine you originally built it on or it got cleaned up somehow. You need to re-add that certificate to your machine or chose another certificate.
Adding new certificate resolved this issue for me. Properties page -> signing -> Click on Create test certificate
Make sure you commit .pfx files to repository.
I just found *.pfx in my default .gitignore.
Comment it (by #) and commit changes. Then pull repository and rebuild.
Delete these entries mentioned in this post: http://manfredlange.blogspot.ca/2008/03/visual-studio-unable-to-find-manifest.html.
Also remove the .snk or .pfx files from the project root.
Don't forget to push these changes to GitHub, for Jenkins only pulls source from GitHub.
The issue of erroneous leftover entries in the .csproj file still occurs with VS2015update3 and can also occur if you try to change the signing certificate for a different one (even if that is one generated using the 'new' option in the certificate selection dropdown).
The advice in the accepted answer (mark as not signed, save, unload project, edit .csproj, remove the properties relating to the old certificates/thumbprints/keys & reload project, set certificate) is reliable.
I create a new key, I had to search the csproj for the old one and refactor it.
Related
I have a properly signed UWP application that I want my users to install using the new App Installer from Microsoft. In the screenshot you see the certificate path of my application. The UserTrust/Addtrust network is already in the trusted root folder and sideloading is enabled in Settings.
I have asked this on several forums and have researched this for a long time but I have not found any solution or way to troubleshoot the App Installer or the powershellscript AddDevPackage.ps
I am looking to find the right person at Microsoft to help me out because the responses on the MSDN forums just post the first google hit on sideloading an appx.
Please help me out.
So here is the full story on how to sideload an appxbundle using a comodo certificate
Get a Comodo SSL authenticode certificate
Export the certificate using a browser (Link), This certificate can be used in the Packaging section in the Package Manifest in Visual Studio. If you also want to sign the assembly, export again but this time, uncheck the include all certificates option.
2.b Also download and install these three certificates from Comodo.(Download Link). Open a search and type CertMgr, opening this will take you to the certificate manager. To the left, you can find Trusted Root folder and in there you can find certificates folder. In this folder, right click in an empty area and click import. Import the 'addtrustexternalcaroot' file. If there is already a comodo rsa file in here, open it and uncheck 'code signing'.
2.c Go to the intermediary root folder and its certificate folder. Here you import the other two files.
In Visual Studio, go to Project properties -> package manifest -> packaging and click Choose Certificate. Now you select the certificate which includes all the certificates in the path.
(optional) Go to project properties -> signing -> check 'Sign the assembly'. Now click choose certificate, enter your password and done.
Create an appxpackage
Verify the signing process by opening a cmd window and enter 'SignTool verify /pa 'path to your bundle here''
If all is well you should see something like this:
If the AddTrust/Usertrust root is not the top CA in your path, something went wrong and you have to try these steps again.
Let's say you upload your appxbundle folder as a zip file and download it on another PC. The smartscreen dialog will come up. It is possible that the publisher is 'unknown'. It is a matter of time before this is set correctly and will take more time and a build up of 'reputation' before the filter goes away.
Click run anyway and the app installer opens up. Click install. If there are any errors, open up a powershell and type Get-AppxLog. Here you can find all error info.
Done!
Question: Can I just upload the appxbundle and leave everything else behind?
Answer: Maybe, if the OS needs a dependency package like .Net Native Runtime appx, you can just upload both the x86 and x64 and have your clients download and install these before you let them install your main package. Be aware that the x86 and x64 packages are not interchangeable -> the native runtime is OS dependent.
cannot find out where VS saves a click once sign certificate reference. The only change that happens in csproj file when one toggles between click once is this:
<SignManifests>true</SignManifests>
or
<SignManifests>true</SignManifests>
My question is, how does VS know which certificate to use when SignManifests is true?
.pom.
Actually, I found the answer myself. It's the <ManifestCertificateThumbprint> entry that references the selected certificate. If you want to view what your resolved certificate is, then you can use a build target from here.
Everything is OK on Xcode4.6. When I try to use Xcode5 dp6 to run app on devices. I got an error of "No matching provisioning profiles found issue". How can I resolve this issue?
Don't forget to change profile in Provision Profile sections:
Ideally you should see Automatic in Code Signing Identity after you choose provision profile you need. If you don't see any option that's mean you don't have private key for current provision profile.
What really confused me was that there are two different sets of build settings:
1) for the Project
2) for the Target
In the sidebar (top left) there is a blue icon that represents your project. Click that:
Then in the main panel to the right, in the top bar, just to the left of the word, "General," there is a small icon of your Project. Click that, and now select the Target in the pop-up menu that appears:
Once you've selected the Target, now the build settings for the target can be changed. They are different than the ones for the Project itself... weird! I'm not sure why there are build settings for the Project as a whole, that are different from the Target, since the Target's settings are what gets used during building. So why even have settings for the Project? Not sure.
But that's how you change them. This solved the issue for me: go into the Target (not the Project!) under Code Signing > Provisioning Profile > and change the settings to the proper profile. For a long time I was just changing them in the Project only, since I didn't know I was supposed to select the Target, and I kept having this issue. This fixes it!
Setting your provisioning profile moved. It confounded me for a while until I found it also.
Select your project file (to open target)
Click on the "Build Settings" tab
Scroll down to "Code Signing" and see the new "Provisioning Profile" section there.
OK - all answers provided above are correct to some extend, but did not resolve this issue for me. I'm using Xcode5.
There are lots of threads around this general error but from what I read this is a bug in Xcode dating back to 3.x versions that can randomly create conflicts with your Keychain.
I was able to resolve this by doing the following:
Open Xcode -> preferences -> Accounts: delete your developer account
Open Keychain: Select Keys, delete all iOS keys; Select My Certificates, delete all iPhone certificates
Navigate to '/Users//Library/MobileDevice/Provisioning Profiles', delete all files (this is where Xcode stores mobile profiles)
Open Xcode -> preferences -> Accounts: re-add your developer account
Navigate to Project properties, Target, General Tab and you should see the following
Click 'Revoke and Request' (I tried this, it may take a few min) or 'Import Developer Profile' (or download from Apple developer portal and import this way, should be faster..)
FINALLY: you can go over to Build Settings and set 'Provisioning Profile' and 'Signing Settings' as described by everyone here..
Doing this and only this resolved this error for me.
Here's a simpler solution that worked for me:
In XCode5, double-click on your app's target. This brings up the Info pane for the target. In the "Build Settings" section, check the "code signing" section for any old profiles and replace with the correct one. update the value of "code signing identity" and "provisioning profile"
Sometimes, especially after generating a new certificate or starting to use a new code signing identity, there seems to be no other way to fix this, other than doing some cleaning the .pbxproj file. This is probably a bug that will be fixed, so if you are reading this long after this post, maybe you should try some other solution.
There is an excellent post about this in the pixeldock blog:
http://www.pixeldock.com/blog/code-sign-error-provisioning-profile-cant-be-found/
In short, mostly quoting from that article, you need to:
Make sure you have fetched all your remote iTunes Connect certificates in xcode5 from Preferences, Accounts, (select your account), View Details, press refresh button. (Normally, I answer no when xcode asks if I want to create certficate signing requests, it's not necessary when you only want to download/refresh your certificates)
Close Xcode
Right click on your project’s .xcodeproj bundle to show it’s contents.
Open the .pbxproj file in a text editor of your choice (make a backup copy first if you feel paranoid)
Find all lines in that file that include the word PROVISIONING_PROFILE and delete them.
Open Xcode
Enter your target and select the provisioning profile that you want to use.
Build your project
Good luck!
In xcode5 from Preferences, Accounts, (select your account), View Details, press refresh button. then select Provision Profile in build settings.
In my case the "Fix Issue" button triggers a spinner for about 20 seconds and fixes nothing.
This works for me (iOS 7 iPhone 5, Xcode 5):
Xcode > Window > Organizer > Devices
Find the connected device(with a green dot) on the left pane.
Select "Provisioning Profiles"
On the right pane, there is a line with warning.
Delete this line.
Now go back to click the "Fix Issue" button and everything is fine - the app runs in the device as expected.
I have 2 targets in my project, Free and Paid.
My mistake was i was looking at my free target while trying to build the paid target, a stupid mistake but possible someone out there might learn from this as well.
I get the same question as you you can click here :
About the question in xcode5 "no matching provisioning profiles found"
(About xcode5 的no matching provisioning profiles found )
When I was fitting with iOS7,I get the warning like this:no matching provisioning profiles found.
the reason may be that your project is in other group.
Do like this:find the file named *.xcodeproj in your protect,show the content of it.
You will see three files:
project.pbxproj
project.xcworkspace
xcuserdata
open the first, search the uuid and delete the row.
All of drop down lists disappeared in Build Settings after running the Fix Issue in Xcode 5. Spent several days trying to figure out what was wrong with my provisioning profiles and code signing. Found a link Xcode 4 missing drop down lists in Build Settings and sure enough I needed to re-enabled "Show Values" under the Editor menu. Hopefully this helps anyone else in this predicament.
Also, I had to clear my derived data, clean the solution and quit and reopen Xcode into for the code signing identities to correctly appear. My distribution provisioning profiles where showing up as signed by my developer certificate which was incorrect.
I had the same error today, with XCode 6.1
What I found was that, no matter what I tried, I couldn't get XCode to stop complaining about this Provisioning Profile with a GUID as its name.
The solution was to search for this GUID in the .pbxproj file, which lives within the XCode .xcodeproj folder.
Just find the line containing your GUID:
PROVISIONING_PROFILE = "A9234343-.....34"
and change it to:
PROVISIONING_PROFILE = ""
One other thing to check: Your XCode PROJECT settings contain your Provisioning Profile & Code Signing settings, but, there is a second set under your project's "TARGETS" tab.
So, if XCode is complaining about a Provisioning Profile which isn't the one quoted in your project settings, then go have have a look at the settings shown under "TARGETS" in your XCode project.
(I wish someone had given me this advice, 4 painful hours ago..)
I cannot build projects with a strong name key signing - the message in the title always comes up.
Yes the project was initially copied over from another machine. However even if I add a new key via the Signing tab in Project Properties, this error is still shown.
I have tried running Visual Studio as an Administrator and have tried manually adding the keys to Windows Certificate Store.
Help!
Edit: I don't get this error with a new project, but I'd quite like to get this existing project working. It won't work even if I create a new certificate!
I've finally found the solution.
Edit the .csproj file for the project in question.
Delete the following lines of code:
<PropertyGroup>
<ManifestCertificateThumbprint>...........</ManifestCertificateThumbprint>
</PropertyGroup>
<PropertyGroup>
<ManifestKeyFile>xxxxxxxx.pfx</ManifestKeyFile>
</PropertyGroup>
<PropertyGroup>
<GenerateManifests>true</GenerateManifests>
</PropertyGroup>
<PropertyGroup>
<SignManifests>false</SignManifests>
</PropertyGroup>
Go to your project's "Properties" within visual studio. Then go to signing tab.
Then make sure Sign the Click Once manifests is turned off.
Updated Instructions:
Within your Solution Explorer:
right click on your project
click on properties
usually on the left-hand side, select the "Signing" tab
check off the Sign the ClickOnce manifests
Make sure you save!
It's simple!!
I resolved this problem by following this steps:
Open project properties
Click on Signing Tab
And uncheck "Sign the assembly"
That's it!!
Try this:
Right click on your project → Go to properties → Click signing which is left side of the screen → Uncheck the Sign the click once manifests → Save & Build
Open the .csproj file in Notepad.
Delete the following information related to signing certificate in the certificate store
<PropertyGroup>
<ManifestCertificateThumbprint>xxxxx xxxxxx</ManifestCertificateThumbprint>
<ManifestKeyFile>xxxxxxxx.pfx</ManifestKeyFile>
<GenerateManifests>true</GenerateManifests>
<SignManifests>false</SignManifests>
</PropertyGroup>
Go to your projects "Properties" within visual studio. Then go to signing tab.
Then make sure Sign the Click Once manifests is turned off.
OR
1.Open the .csproj file in Notepad.
2.Delete the following information related to signing certificate in the certificate store
xxxxx xxxxxx
xxxxxxxx.pfx
true
false
`
Worked for me.
Assuming this is a personal certificate created by windows on the system you copied your project from, you can use the certificate manager on the system where the project is now and import the certificate. Start the certificate manager (certmgr) and select the personal certificates then right click below the list of existing certificates and select import from the tasks. Use the browse to find the .pfx in the project (the .pfx from the previous system that you copied over with the project). It should be in the sub-directory with the same name as the project directory. I am familiar with C# and VS, so if that is not your environment maybe the .pfx will be elsewhere or maybe this suggestion does not apply. After the import you should get a status message. If you succeeded, the compile certificate error should be gone.
It is not enough to manually add keys to the Windows certificate store. The certificate only contains the signed public key. You must also import the private key that is associated with the public key in the certificate. A .pfx file contains both public and private keys in a single file. That is what you need to import.
You said you copied files from another computer. After you copied them, did you 'Unblock' them? Specifically the .snk file should be checked to make sure it is not marked as unsafe.
To sign an assembly with a strong name using attributes
Open AssemblyInfo.cs (in $(SolutionDir)\Properties)
the AssemblyKeyFileAttribute or the AssemblyKeyNameAttribute, specifying the name of the file or container that contains the key pair to use when signing the assembly with a strong name.
add the following code:
[assembly:AssemblyKeyFileAttribute("keyfile.snk")]
If you need just build the project or solution locally then removing the signing might be a dead simple solution as others suggest.
But if you have this error on your automation build server like TeamCity where you build your actual release pieces for deployment or distribution you might want to consider how you can get this cert properly installed to the cert store on the build machine, so that you get a signed packages at the end of the build.
Generally it is not recommenced to check-in/commit any PFX certificates into source control, so how you get this files on your build server during the build process is a bit another question, but sometimes people do have this file stored along with the solution code, so you can find it in the project folder.
All you need to do is just install this certificate under proper account on your build server.
Download PsExec from Windows Sysinternals.
Open a command prompt, and enter the following. It will spawn a new command prompt, running as Local System (assuming that your TeamCity is running under the default Local System account):
> psexec.exe -i -s cmd.exe
In this new command prompt, change to the directory containing the certificate and enter the filename to install (change the name of the file to yours):
> mykey.pfx
The Import Certificate wizard will start up. Click through and select all the suggested defaults.
Run the build.
All credits goes to Stuart Noble (and then further to Laurent Kempé I believe ☺).
Just ran into this (again), due to PFX cert not being included in the code, for security.
For local testing, like Debug builds, the lead programmer of this solution had me go into Properties, Signing, click on "Create Test Certificate". In our setting he said just click ok, but one can put in a strong password here if warranted/needed.
I'm having a lot of troubles uploading my app to the appStore.
I create the profile, download it and added to my xcode.
So, I have my project my scheme in archive mode.
I try to Build and get this mistake:
Code Sign error: No unexpired provisioning profiles found that contain any of the keychain's signing certificates
I think this is because I had a previous profile file that was incorrect, I deleted it but still having this error.
How can I solve it?
Thank you in advance
I solved it, in project properties-> code signing I add the profile and it worked!
You can see information about signed in
Click Project on Left bar (Project Inspector), Select Project in central panel, Select BuildSettings tab, find Code Signin end setup your profile on each item.