我有同样的“私钥过滤后，0 certs被留下”的消息，我花了太多的时间试图弄清楚这条消息的意思。

问题是我在Windows证书存储中错误地安装了证书，因此没有与代码签名证书相关联的私钥。

我应该做的是:

Using either Firefox or Internet Explorer, submit the request to the issuer. This generates a PRIVATE KEY which is stored silently by the browser (a dialog appears for a fraction of a second in Firefox). Note that other browsers may not work: your life is too short to find out if they do. Submit the request, jump through the issuer's validation hoops and loops, sacrifice a goat, pray to the gods, submit a signed statement from your great grandparents, etc. Download the certificate (.crt) and import it into the same browser. The browser now has both the private key and the certificate. Export the certificate from the browser as a Personal Information Exchange (.p12) file. You will be asked to supply a password to protect this file. Keep a backup copy of the .p12 file. Run the Certificate Manager (certmgr.msc), right click on the Personal certificate store, select All Tasks/Import... and import the .p12 file into Windows. You will be asked for the password you used to protect the file. At this point, depending upon your security requirements, you can mark the key as exportable so you can restore a copy from the Windows store. You can also mark that a password is required before use if you want to break batch scripts. Run signtool successfully, breathe a sigh of relief, and ponder how much of your life you have wasted due to bad error messages and poor or missing documentation.

同样的问题，原来是证书的私钥没有权限。 要修复-打开证书管理，找到您的证书，右键单击->管理私钥，然后在安全顶部确保您的用户被添加并给予权限，这为我修复了它。

转到项目属性，在初始化编译之前取消选中Firm中的所有字段

我在使用Git Bash时得到了这个错误。 使用PowerShell成功。 如果这对谁有帮助的话。

我有同样的“私钥过滤后，0 certs被留下”的消息，我花了太多的时间试图弄清楚这条消息的意思。

问题是我在Windows证书存储中错误地安装了证书，因此没有与代码签名证书相关联的私钥。

我应该做的是:

Using either Firefox or Internet Explorer, submit the request to the issuer. This generates a PRIVATE KEY which is stored silently by the browser (a dialog appears for a fraction of a second in Firefox). Note that other browsers may not work: your life is too short to find out if they do. Submit the request, jump through the issuer's validation hoops and loops, sacrifice a goat, pray to the gods, submit a signed statement from your great grandparents, etc. Download the certificate (.crt) and import it into the same browser. The browser now has both the private key and the certificate. Export the certificate from the browser as a Personal Information Exchange (.p12) file. You will be asked to supply a password to protect this file. Keep a backup copy of the .p12 file. Run the Certificate Manager (certmgr.msc), right click on the Personal certificate store, select All Tasks/Import... and import the .p12 file into Windows. You will be asked for the password you used to protect the file. At this point, depending upon your security requirements, you can mark the key as exportable so you can restore a copy from the Windows store. You can also mark that a password is required before use if you want to break batch scripts. Run signtool successfully, breathe a sigh of relief, and ponder how much of your life you have wasted due to bad error messages and poor or missing documentation.

我通过使用/sm标志来指定查找机器存储而不是默认的“我的(本地用户)”存储来解决这个问题。此外，使用/debug可以帮助打开signtool的调试功能。