Use Strong Name Key on TeamCity for Digital Signature

We started using strong names for some of our assemblies. Strong named assemblies are assemblies, that get digitally signed with a strong name key to ensure its uniqueness (i.e. in GAC). A strong name consists of the assembly’s identity, culture information (optional), version number plus a public key and a digital signature.

As we did not want to commit the strong name key (.pfx file) to the GIT repository, we excluded the .pfx file in the gitignore file. This lead to failing builds on our TeamCity build server because the strong name key referenced in .csproj file (“) could not be found. We first thought about creating a pre build step in every build configuration that copies the .pfx file to the location defined in .csproj. This was not really a good approach as we would have to touch every build configuration so I searched for other possibilities. I found a much easier way to do it by overriding the property in .csproj file that references the strong name key file. For that I needed to save the strong name key somewhere on the corresponding build agent(s).

Below I’ll describe the solution step by step.

  1. Copy the strong name key (.pfx file) to the build agent(s) where the source code will be built (i.e. to C:\data)
  2. Add the following parameter of kind System property (system.) to the corresponding TeamCity project or to one of the overlying projects for usage in multiple sub projects

    strongnamekey

  3. Run the build configuration

  4. The execution will fail with the following error

    ... error MSB3325: Cannot import the following key file: SomeKey.pfx. The key file may be password protected. To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_0F25B0A32E1FCDB5

  5. Click Start > All Programs > Microsoft Visual Studio > Visual Studio Tools > Developer Command Prompt for VS2015

  6. Execute the following command with the container name from the build error message

    sn -i "c:\PathToPfxFile\SomeKey.pfx" VS_KEY_0F25B0A32E1FCDB5

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: