NuGet package signing Errors and Warnings

This document contains a list of all warnings and errors that may occur during signing, verifying and using signed packages.

Package signing related errors and warnings should be in the following range -

Log Message Type	Starting Code	Ending Code
Errors	NU3000	NU3099
Warnings	NU3500	NU3599

Errors

3000

Issue

Default signature issue

NU3001

Issue

Package passed to the verify command has either of the two issues -

Package signature is invalid.
Package is not signed.

NU3002

Issue

Package verification fails due to one of the following -

Package integrity check failed. The package has been tampered.
Author signature verification failed.
Signature does not have a certificate.
Certificate does not meet the public key requirements.
Unable to validate signer certificate chain.

NU3011

Issue

Certificate chain cannot be built for the following cases -

The timestamp service's certificate chain could not be built for the following certificate -

NU3012

Issue

Certificate not valid in the following cases -

Author certificate was not valid when it was timestamped.

NU3021

Issue

Timestamp authority response not valid in the following cases -

Timestamp service's response does not meet the NuGet package signature specification: Timestamp response does not contain a matching response.
Timestamp service's response does not meet the NuGet package signature specification: Timestamp response does not contain an acceptable hash algorithm.
Timestamp service's response does not meet the NuGet package signature specification: Timestamp signature contains invalid content type.
Timestamp service's response does not meet the NuGet package signature specification: Timestamp response contains invalid signature value hash.
Timestamp service's response does not meet the NuGet package signature specification: Timestamp service's certificate does not contain a valid Enhanced Key Usage for timestamping.

NU3022

Issue

Signed package contains an invalid timestamp -

The signature contains an invalid timestamp. Detailed log contains more detailed failure.

# Warnings

NU3500

Issue

Default signing warning

NU3501

Issue

Certificate does not build to a trusted root - Signing certificate does not chain to a trusted root.

NU3502

Issue

Signature information unavailable. [Currently not thrown]

NU3521

Issue

No -Timestamper option was provided the signed package will not be timestamped. To learn more about this option, please visit https://docs.nuget.org/docs/reference/command-line-reference

Contributing

What's Being Worked On?

Check out the proposals in the accepted & proposed folders on the repository, and active PRs for proposals being discussed today.

Living Roadmap

NuGet package signing Errors and Warnings

Errors

3000

Issue

NU3001

Issue

NU3002

Issue

NU3011

Issue

NU3012

Issue

NU3021

Issue

NU3022

Issue

NU3500

Issue

NU3501

Issue

NU3502

Issue

NU3521

Issue

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!