The author primary signature's timestamping certificate is not trusted by the trust provider

Question

The author primary signature's timestamping certificate is not trusted by the trust provider

Closed this issue 3 years ago · 1 comments

On my fresh install on FreeBSD 12.2 NuGet package restores fail with the following error message:

Package 'Microsoft.Extensions.Logging 5.0.0' from source 'https://api.nuget.org/v3/index.json': The author primary signature's timestamping certificate is not trusted by the trust provider.
Package 'Microsoft.Extensions.Logging 5.0.0' from source 'https://api.nuget.org/v3/index.json':
Signature type: Repository
Package 'Microsoft.Extensions.Logging 5.0.0' from source 'https://api.nuget.org/v3/index.json': Subject Name: CN=NuGet.org Repository by Microsoft, O=NuGet.org Repository by Microsoft, L=Redmond, S=Washington, C=US
Package 'Microsoft.Extensions.Logging 5.0.0' from source 'https://api.nuget.org/v3/index.json': SHA256 hash: 0E5F38F57DC1BCC806D8494F4F90FBCEDD988B46760709CBEEC6F4219AA6157D
Package 'Microsoft.Extensions.Logging 5.0.0' from source 'https://api.nuget.org/v3/index.json': Valid from: 4/10/2018 2:00:00 AM to 4/14/2021 2:00:00 PM

Emphasis mine. There are dozens of such messages (basically for all nuget packages to restore). I have installed all the prerequisites including updating my ca_nss_root. I have found this recently filed issue, however this issue should no longer be present on 5.0.401 if I understand correctly (and should only occur on Windows).

Answer 1 · 2021-10-03T06:53:35.000Z

This is an issue with root certs on your host