Artifact Signing
A fully managed end-to-end service for digitally signing code, documents, and applications. (formerly Trusted Signing)
Azure Artifact Signing sign operation returns status Failed with null signature, active Public Trust profile
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 90%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERF%3C/text%3E%3C/svg%3E)
Rafael Fernandez
0
Reputation points
Azure Artifact Signing / Microsoft.CodeSigning issue.
Account appears healthy, but every sign operation fails after the service accepts the request.
Environment:
- Region: East US
- Endpoint: https://eus.codesigning.azure.net/
- Account provisioningState: Succeeded
- Certificate profile: PublicTrust, provisioningState Succeeded, status Active
- Identity validation: Completed
- Active certificates are present
- Microsoft.CodeSigning provider is Registered
- Signing user has Artifact Signing Certificate Profile Signer role
- SignTool x64 and Azure.CodeSigning.Dlib 1.0.119 are installed
- .NET 8 runtime installed
Failure:
Sign request is submitted successfully, then operation resolves to:
{
"status": "Failed",
"signature": null,
"signingCertificate": null,
"counterSignature": null
}
Reproduced with:
- Bahast.exe
- Tiny throwaway test EXE
- SignTool + Azure.CodeSigning.Dlib
- .NET sign tool / Artifact Signing client
- With timestamping and without timestamping
- Minimal metadata and metadata with ExcludeCredentials
Recent operation IDs:
- PII
New Public Trust profile creation attempts also reached terminal provisioningState Failed, and failed profile deletes also failed.
Can the Artifact Signing backend team check whether this account/profile/identity validation is stuck, suspended, or blocked server-side?
Artifact Signing
-
Rafael Fernandez 0 Reputation points
2026-06-12T22:30:20.34+00:00 Additional discriminator: the .NET sign tool successfully fetched the active FC TECH LABS Public Trust certificate from the profile, then failed only when submitting the signing operation.
Fetched certificate:
CN="FC TECH LABS, LLC", O="FC TECH LABS, LLC", L=Orlando, S=Florida, C=US
Serial: 330001F0118F98F87AF3B6071B00000001F011
Not After: 6/13/2026 3:29:01 PM
Failing sign operation:
4f92fd0c-9268-4ae2-912d-ea1ae2ee30d4
That seems to rule out authentication, endpoint, role assignment, certificate profile lookup, and local SignTool metadata as the primary cause.
-
Rafael Fernandez 0 Reputation points
2026-06-12T22:40:40.43+00:00 my subscription cannot open a technical Azure support ticket; what is the correct escalation path?
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 52%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Meha-MSFT 1,880 Reputation points Microsoft Employee Moderator2026-06-12T23:15:57.35+00:00 we are looking into this
-
Jaxel Rojas Lopez 40 Reputation points Microsoft Employee2026-06-13T00:59:51.7666667+00:00 You should be able to sign once again.
-
Rafael Fernandez 0 Reputation points
2026-06-13T01:19:52.8033333+00:00 Thank you and confirmed signing is working now. Is there any docs/RCA on this so I know for future reference? (Also so I can close this with the answer)
Sign in to comment
Sign in to answer