Strong Name signature verification is broken for NuGet package versions > 5.0.0
blakedh opened this issue · 2 comments
Description
I have a .NET Framework 4.8.1 web app utilizing version 5.0.0 of this NuGet package with no issues. However, when I upgrade to any version higher than 5.0.0 (i.e. 7.0.25 or greater) my solution still builds, but the application errors on startup:
Could not load file or assembly 'Serilog.Sinks.AzureTableStorage' or one of its dependencies. Strong name signature could not be verified. The assembly may have been tampered with, or it was delay signed but not fully signed with the correct private key. (Exception from HRESULT: 0x80131045)
When I clone the repo, build locally and reference the project in my solution, it works as expected. Only the published NuGet package causes this error.
The problem appears related to the signing of the assembly during the release/publishing process.
Additional context
A similar bug seems to have affected other Serilog sinks and was fixed by disabling PublicSign by changing this line in the .csproj file:
<PublicSign Condition=" '$(OS)' != 'Windows_NT' ">true</PublicSign>
to be:
<PublicSign>false</PublicSign>
For more info about this fix, please see:
serilog-contrib/serilog-sinks-elasticsearch#504
serilog-contrib/serilog-sinks-elasticsearch#498 (comment)
@pwelter34 Working as expected again - excellent, thank you
Would've been nice if this had been fixed in a v7.0.x release as well. I currently have a project using Umbraco which seems to be hard limited to use Serilog v2,x which isn't supported by v8.x or higher of this package.