![how to add a certificate in visual studio office add in how to add a certificate in visual studio office add in](https://bvisual.net/wp-content/uploads/2020/09/AI_SelectType-1.png)
You can add the new Microsoft author signing certificate by running the following command: nuget.exe trusted-signers Add -Name Microsoft2021 -CertificateFingerprint AA12DA22A49BCE7D5C1AE64CC1F3D892F150DA76140F210ABD2CBFFCA2C18A27 -FingerprintAlgorithm SHA256
#How to add a certificate in visual studio office add in install
If you try to install one of these newer Microsoft packages without updating your trusted signers, you’ll get an NU3034 error and the package will fail to install. You should keep the older Microsoft certificate as well to continue installing Microsoft packages signed with the older certificate. If you are using a NuGet client policy to enforce an allow list of trusted signers, then you will need to add the new Microsoft certificate to your allow list to avoid disruptions when installing Microsoft packages signed with the new certificate.
![how to add a certificate in visual studio office add in how to add a certificate in visual studio office add in](https://binaries.templates.cdn.office.net/support/templates/en-us/lt12008281_quantized.png)
Allow the new Microsoft certificate Client policy
![how to add a certificate in visual studio office add in how to add a certificate in visual studio office add in](https://i.stack.imgur.com/XnBOV.png)
If neither of the above scenarios apply to you, then you should be unaffected by the certificate update! Microsoft NuGet packages signed with the new certificate should install in the same way as packages signed with the old certificate do. This will look like the following in your code: NuGet.exe verify -Signatures -CertificateFingerprint 3F9001EA83C560D712C24CF213C3D312CB3BFF51EE89435D3430BD06B5D0EECE Customers who use NuGet.exe verify to verify that signed packages are author signed by Microsoft. Keep in mind that you can have nfig files in multiple locations with different scopes. To tell if you have a NuGet client policy configured, check for the following elements in your nfig. Customers who are using a NuGet client policy to enforce an allow list of trusted signers that includes Microsoft. Existing packages already signed with the older certificate will retain their existing signature, but the older certificate will soon no longer be used to sign packages.Ĭurrent certificate SHA-256 fingerprint: 3F9001EA83C560D712C24CF213C3D312CB3BFF51EE89435D3430BD06B5D0EECE As early as November 1st, a new certificate will replace it as the new Microsoft author signing certificate for NuGet packages. That certificate will be expiring by the end of January 2021. Since 2018, Microsoft has used an X.509 certificate to author sign its NuGet packages. If you are unsure, we have outlined steps to check if you will be impacted. Action required: If you validate that packages are author signed by Microsoft using a NuGet client policy or the NuGet.exe verify command, please follow these steps by November 1st, 2020 to avoid potential disruptions when installing new Microsoft packages.