1(1) .NET (1)
2
6 This article applies to: ✔️ .NET 5.0.100-rc.2.x SDK and later versions
7
9 dotnet nuget verify - Verifies a signed NuGet package.
10
12 dotnet nuget verify [<package-path(s)>]
13 [--all]
14 [--certificate-fingerprint <FINGERPRINT>]
15 [-v|--verbosity <LEVEL>]
16 dotnet nuget verify -h|--help
18
20 The dotnet nuget verify command verifies a signed NuGet package.
21 Arguments
23 • package-path(s)
24 Specifies the file path to the package(s) to be verified. Multiple
26 position arguments can be passed in to verify multiple packages.
27
29 • --all
30 Specifies that all verifications possible should be performed on the
32 package(s). By default, only signatures are verified.
33 [!NOTE] This command currently supports only signature verification.
35 • --certificate-fingerprint <FINGERPRINT>
37 Verify that the signer certificate matches with one of the specified
39 SHA256 fingerprints. This option can be supplied multiple times to
40 provide multiple fingerprints.
41 • -v|--verbosity <LEVEL>
43 Sets the verbosity level of the command. Allowed values are q[uiet],
45 m[inimal], n[ormal], d[etailed], and diag[nostic]. The default is
46 minimal. For more information, see <xref:Microsoft.Build.Frame‐
47 work.LoggerVerbosity>.
48 The following table shows what is displayed for each verbosity level.
50 q[uiet] m[inimal] n[ormal] d[etailed] diag[nos‐
52 tic]
53 ──────────────────────────────────────────────────────────────────────
54 Certificate ❌ ❌ ❌ ✔️ ✔️
55 chain In‐
56 formation
57 Path to ❌ ❌ ✔️ ✔️ ✔️
58 package be‐
59 ing veri‐
60 fied
61 Hashing al‐ ❌ ❌ ✔️ ✔️ ✔️
62 gorithm
63 used for
64 signature
65 Au‐ ❌ ❌ ✔️ ✔️ ✔️
68 thor/Repos‐
69 itory Cer‐
70 tificate ->
71 SHA1 hash
72 Au‐ ❌ ❌ ✔️ ✔️ ✔️
73 thor/Repos‐
74 itory Cer‐
75 tificate ->
76 Issued By
77 Timestamp ❌ ❌ ✔️ ✔️ ✔️
78 Certificate
79 -> Issued
80 By
81 Timestamp ❌ ❌ ✔️ ✔️ ✔️
82 Certificate
83 -> SHA-256
84 hash
85 Timestamp ❌ ❌ ✔️ ✔️ ✔️
86 Certificate
87 -> Validity
88 period
89 Timestamp ❌ ❌ ✔️ ✔️ ✔️
90 Certificate
91 -> SHA1
92 hash
93 Timestamp ❌ ❌ ✔️ ✔️ ✔️
94 Certificate
95 -> Subject
96 name
97 Au‐ ❌ ✔️ ✔️ ✔️ ✔️
98 thor/Repos‐
99 itory Cer‐
100 tificate ->
101 Subject
102 name
103 Au‐ ❌ ✔️ ✔️ ✔️ ✔️
104 thor/Repos‐
105 itory Cer‐
106 tificate ->
107 SHA-256
108 hash
109 Au‐ ❌ ✔️ ✔️ ✔️ ✔️
110 thor/Repos‐
111 itory Cer‐
112 tificate ->
113 Validity
114 period
115 Au‐ ❌ ✔️ ✔️ ✔️ ✔️
116 thor/Repos‐
117 itory Cer‐
118 tificate ->
119 Service in‐
120 dex URL (If
121 applicable)
122 Package ❌ ✔️ ✔️ ✔️ ✔️
123 name being
124 verified
125 Type of ❌ ✔️ ✔️ ✔️ ✔️
126 signature
127 (author or
128 repository)
129 ❌ indicates details that are not displayed. ✔️ indicates details
131 that are displayed.
132 • -?|-h|--help
134 Prints out a description of how to use the command.
136
138 • Verify foo.nupkg:
139 dotnet nuget verify foo.nupkg
141 • Verify multiple NuGet packages - foo.nupkg and all .nupkg files in
143 the directory specified:
144 dotnet nuget verify foo.nupkg c:\mydir\*.nupkg
146 • Verify foo.nupkg signature matches with the specified certificate
148 fingerprint:
149 dotnet nuget verify foo.nupkg --certificate-fingerprint CE40881FF5F0AD3E58965DA20A9F571EF1651A56933748E1BF1C99E537C4E039
151 • Verify foo.nupkg signature matches with one of the specified certifi‐
153 cate fingerprints:
154 dotnet nuget verify foo.nupkg --certificate-fingerprint CE40881FF5F0AD3E58965DA20A9F571EF1651A56933748E1BF1C99E537C4E039 --certificate-fingerprint EC10992GG5F0AD3E58965DA20A9F571EF1651A56933748E1BF1C99E537C4E027
156 (1)