Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article describes the MSB3482 error code.
Message text
MSB3482: An error occurred while signing:
Description
This error occurs when MSBuild encounters an error when it tries to sign an output file while running the SignFile task.
Resolution
First, confirm the sign file exists. Next, make sure the signing tool is installed (the tool is installed as part of Visual Studio).
The standard output message text is followed by additional information from the signing tool. Look to the additional information to determine the cause of the problem. If the error mentions an option that isn't supported, such as the /fd option, you might have an older version of the signtool.exe file on your system. When the process encounters the older or unsupported version of the file, MSBuild returns this error message.
MSBuild works with the version of the tool in the Visual Studio or .NET SDK installation. The fix for the issue depends on your specific situation. Here are some possible solutions:
- Edit the PATH environment variable and reorder the directories
- Uninstall, rename, or otherwise hide the older version of the signtool.exe tool
- Uninstall or update the software package that contains the tool, such as updating an older version of the Windows SDK
Invalid thumbprint or certificate
If the thumbprint is invalid, it triggers a cryptographic error, and you might see the MSB3482 error. Check the string value for the CertificateThumbprint parameter to the SignFile task. The certificate thumbprint is the SHA-1 hash of the certificate. For more information, see Obtain the SHA-1 hash of a trusted root CA certificate. If you copy and paste the thumbprint from the certificate details, make sure you don't include the extra (3F) invisible character, which can prevent the SignFile task from finding the certificate.
Test certificates expire after a period of time. You might have to create a new certificate. For more information, see Sign application and deployment manifests. For newer .NET projects in Visual Studio 2019 or later, see Deploy a .NET Windows Desktop application using ClickOnce.
When you run the program in a non-interactive environment, such as a script in a pipeline, you can create a certificate by using the command-line tool certutil:
certutil –f –p [certificate_password] –importpfx <path to pfx file>
Applies to
All versions of MSBuild