Using Password Protected Signing Keys in TeamBuild


As you might already know, a managed component can be uniquely identified by assembly signing. Refer here to learn details on this subject. This can be executed in TeamBuild process as well.


 


Yesterday, I’ve answered a query on how to use password protected signing keys in TeamBuild. Thought it would be useful for all TeamBuild users, so here are the details:


 


Password protected signing keys may result in the following exception:


 


C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Common.targets(1718,7): error MSB4018: The “ResolveKeySource” task failed unexpectedly.
System.InvalidOperationException: Showing a modal dialog box or form when the application is not running in UserInteractive mode is not a valid operation. Specify the ServiceNotification or DefaultDesktopOnly style to display a notification from a service application.
   at Microsoft.Build.Shared.ExceptionHandling.RethrowUnlessFileIO(Exception e)
   at Microsoft.Build.Tasks.ResolveKeySource.ResolveAssemblyKey()
   at Microsoft.Build.Tasks.ResolveKeySource.Execute()
   at Microsoft.Build.BuildEngine.TaskEngine.ExecuteTask(ExecutionMode howToExecuteTask, Hashtable projectItemsAvailableToTask, BuildPropertyGroup projectPropertiesAvailableToTask, Boolean& taskClassWasFound)


 


It is because the build tries to open a dialog to accept password information and fails since TeamBuild process runs under a service where GUI cannot be invoked.


 


For this to work without prompting, the key needs to be exported into a key container crypto store on the build machine under the account that performs the build. Once exported, the build will not ask for a password anymore. The crypto store will do the signing and take care to keep private key safe.


 


One of the quicker ways to do this:


          Logon to the build machine using the build service account


          Run msbuild on any project that uses this signing key. It will prompt for the password and will export the key.


          Now start the TeamBuild full build.


 


Namaste