Certificate (pfx) in personal store of build service user account, resolvekeysource never finds it

Question

I am trying to get our build server (TFS2010) to sign the assemblies for one of our projects.

I have manually imported the pfx (and associated 'chain' certificate) from verisign on the build machine, under/within the context of the build user account. I am using ResovleKeySource as part of the before build where I should be getting the ResolvedThumbprint as an output parameter.

The project file has the SignAssembly property set to true.

When i run this locally (ie build within VS2012), if I add a property to the proj file (ie CertificateThumbprint) with the thumbprint, on my local machine it finds the certificate in the store and signs the assembly.

The same thumbprint value is passed as a parameter to the build process, I can see it's there (using message statements) however, as noted, it never resolves.

Build user is local admin on that machine.

Has anyone encountered anything similar, and have suggestions on how to resolve the issue? I am not getting errors from the build process (ie such as can't find certificate in store) - I get nothing. No errors, but no resolved thumbprint either.

Answer 1

Ok, so it looks like there may have been a funky (unprinted) character in the thumbprint that was passed as a parameter from TFS to build. I had another developer look at the build definition, got them to modify the thumbprint parm value (yes, the ONLY change made) and, voila, the build starts signing like a champ....