Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Scenario 1
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The timestamp signature has an unsupported digest algorithm. The following algorithms are supported: : SHA-2-256, SHA-2-384, SHA-2-512.
Issue
The timestamp's signature has an unsupported digest algorithm.
Solution
Ensure that the timestamp authority's signature has one of the following digest algorithms -
SHA-2-256SHA-2-384SHA-2-512
Scenario 2
Package 'SamplePackage v1.0.0' from source 'https://contoso.com/index.json': The primary signature's timestamp signature has an unsupported digest algorithm.
Issue
The timestamp's signature has an unsupported digest algorithm.
Solution
Request the package author to re-sign the package using the nuget sign command as described in NuGet docs using the -Timestamper option such that the timestamp authority signing certificate has one of the following digest algorithms -
SHA-2-256SHA-2-384SHA-2-512
Note
When running the nuget verify -signatures command, NU3024 is raised as an error. Otherwise, NU3024 is raised as a warning.