This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 53%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJE%3C/text%3E%3C/svg%3E)
We currently sign nuget packages using dotnet nuget sign command in the project with 3rd party certificate. How can we sign with Azure Trusted Signing certificate?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @John Earle ,
The dotnet/Sign project now has a pre-release version with Trusted Signing integration to expand our support to NuGet. https://www.nuget.org/packages/sign/0.9.1-beta.24325.5
Once this is more stable, we will publish more information on how to use it with Trusted Signing, but I'm also checking internally to see if there is additional documentation I can share with you.
There was a similar request in Github recently that has an ongoing discussion on this topic. https://github.com/dotnet/sign/issues/683
If the information helped you, please Accept the answer. This will help us and improve searchability for others in the community who may be researching similar questions.
Thank you. Any addition information and updates would be greatly appreciated.
After reviewing your references, it appears that the NuGetKeyVaultSignTool adds code signatures to a NuGet package using an X509 certificate stored in Microsoft Azure Key Vault. Does this imply we have to generate a an x509 from the 3-day sliding certificate, add it to an Azure Key Vault, and upload the .cer to Nuget? Or is there a smoother way in the works for nuget support for sliding certificate signing via Trusted Signing?