VSTS build fails with MSB3325, Cannot import PFX key file

Question

I had created a build definition to build a desktop application online on visualstudio.com which fail at task Build Solution (Visual Studio build) with following error,

[error]C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\MSBuild\15.0\Bin\Microsoft.Common.CurrentVersion.targets(3156,5): Error MSB3325: Cannot import the following key file: Sixmod5Certificate.pfx. The key file may be password protected. To correct this, try to import the certificate again or manually install the certificate to the Strong Name CSP with the following key container name: VS_KEY_3B2BCC84AE4E26F1

I followed solution specified at, https://developercommunity.visualstudio.com/content/problem/156086/vsts-build-msb3325-cannot-import-the-following-key.html

then as specified at, https://stackoverflow.com/a/48698229/3531672 I had added a powershell script task before build task, as follows,

[CmdletBinding()]
param(  
    [Parameter(Mandatory)][string] $pfxpath,
    [Parameter(Mandatory)][string] $password
)

Add-Type -AssemblyName System.Security
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$cert.Import($pfxpath, $password, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]"PersistKeySet")
$store = new-object system.security.cryptography.X509Certificates.X509Store -argumentlist "MY", CurrentUser
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]"ReadWrite")
$store.Add($cert)
$store.Close()

but no luck yet,

There are different SO post similar to this specifying solution to build from Admin user, or installing pfx certificate manually, but as they are related to personal computer and I am trying to configure Continuous integration on visualstudio.com, they don't seem useful to me.

Please note I am able to successfully build on my local machine.

If you wish to regenerate this problem at your end, follow these steps,

STEP 1: Create a new VSTO Addin Project (Any Excel/Word/Powerpoint).

STEP 2: Attach this to VSTS.

STEP 3: In signing tab of Application properties, instead of using temperory certificate, create a new password protected certificate (PFX - Personal Information Exchange in my case) and use this to sign ClickOnce Manifest

STEP 4: Try to build on local machine, it will succeed.

STEP 5: Push it over and try to build on VSTS, you will get the same error as above.

Answer 1

I unchecked the "Sign the assembly" checkbox from the "project properties -> Signing" page and everything worked like a charm. The build was signed successfully through VSTS. Somehow I missed this solution provided in many SO threads related to the problem.