I'm having trouble building a VS2012 project with a signed ClickOnce deployment manifest. The .pfx certificate used to sign the project is password-protected with a paid-for key. I'm using Jenkins with the MSBuild plugin.
The error that shows up right after BUILD FAILED
is:
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Common.targets(2455,5): error MSB3325: Cannot import the following key file: xxxx.pfx. The key file may be password protected. To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_11234A3322194 [C:\Program Files (x86)\Jenkins\jobs\xxxx\workspace\xxxx\xxxx.csproj]
I've tried installing the certificate as a Trusted Root Certificate on my local machine (using certlm.msc
) and also tried installing it to the specific container mentioned with sn.exe
, but this makes no difference. I've made sure that the Jenkins service is running as a specific user rather than the Local System account.
If I open the project in VS2012, I can build it but only once I've selected the certificate under the Signing tab of the project properties and entered the password. This is even though the .csproj is set to use that specific file to sign the ClickOnce manifest.
I can successfully build the project using MSBuild from the command line as an admin user, but it fails when Jenkins runs the build. I've also tried passing the certificate to Jenkins' MSBuild as the /property:AssemblyOriginatorKeyFile
parameter.
Any ideas on what could be causing this?