Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Enable NuGet sign to work with KeyVault certficates #8002
NuGet sign currently works against local PFX files. Modern digital signatures can now be stored in cloud providers such as Azure KeyVault providing an HSM-backed security key. The NuGet client should provide a mechanism to use Azure KeyVault as a direct source for signing.
Enabling this directly in the nuget client makes it easier for DevOps flows to leverage without needing additional tools that are hard to manage in Azure DevOps and not globally available to others.