Wednesday 26 February 2014

TFS Build with Password Protected PFX (Resolve Cannot import the following key file)

Today I ran into a problem with one of development team insisting to use the .pfx file signing assembly  and they wanted it to be built by the build server.

But when I configures the build it started failing giving the error "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Common.targets (2482): Cannot import the following key file: key1.pfx. The key file may be password protected. To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_7174AB5A189B7774"

My normal advice to any one is to use .snk instead of .pfx so you do not have to import the keys or below mentioned steps in build server. But this team has not given me any chance so I had no choice.

So I spent about an hour google for a solution. Finally managed to fix my issue by doing below steps.

1. Logged into my build server with my account and executed sn -i key1.pfx VS_KEY_7174AB5A189B7774 in developer command prompt. (VS_KEY_7174AB5A189B7774 here is the key container name provided in thee build error)

2. Queued build with no luck.

3. With the advice here logged on to Build Server with TFS build service account and tried executing sn -i key1.pfx VS_KEY_7174AB5A189B7774

4. With the advice here 

 I tried executing sn -d  VS_KEY_7174AB5A189B7774 and got the below error

WOW ... It says it exist and it says it is not there...

5. Thought for few minutes I signed out of build server from TFS build service account and logged in back with my user account. and executed sn -d  VS_KEY_7174AB5A189B7774 and it worked and deleted the key container.

6. I signed out of the build server from my account and signed in with TFS build service account and executed sn -i key1.pfx VS_KEY_7174AB5A189B7774 this time the key installed without any issue.

Queued the build again and ..Success at the end.


Anonymous said...

Very nice, it works now. Thank you! :)

akhil said...

How about for Visual Studio online ? I don't have a server to login into ?

peer said...

i am not the comment poster, but very thanks for your blog entry, very helpful, wasted >2 hours with googling non helping information, this info was the key.

thx a lot!

Anonymous said...

Thanks for sharing this, I switched to .snk as you mentioned. That worked like a charm for me.

Popular Posts