error NU3028: The author primary signature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain #1291

Open
sampsonye opened this issue Jan 27, 2021 · 4 comments


@sampsonye

This error happens in this Docker repo: mcr.microsoft.com/dotnet/sdk

root@bc87722291e2:/# mkdir sp
root@bc87722291e2:/# cd sp
root@bc87722291e2:/sp#
root@bc87722291e2:/sp#
root@bc87722291e2:/sp# dotnet new webapi
The template "ASP.NET Core Web API" was created successfully.

Processing post-creation actions...
Running 'dotnet restore' on /sp/sp.csproj...
  Determining projects to restore...
/sp/sp.csproj : error NU3028: Package 'Microsoft.Extensions.ApiDescription.Server 3.0.0' from source 'https://api.nuget.org/v3/index.json': The author primary signature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain
/sp/sp.csproj : error NU3028: Package 'Microsoft.OpenApi 1.2.3' from source 'https://api.nuget.org/v3/index.json': The author primary signature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain
/sp/sp.csproj : error NU3037: Package 'Microsoft.Extensions.ApiDescription.Server 3.0.0' from source 'https://api.nuget.org/v3/index.json': The author primary signature validity period has expired.
/sp/sp.csproj : error NU3037: Package 'Microsoft.OpenApi 1.2.3' from source 'https://api.nuget.org/v3/index.json': The author primary signature validity period has expired.
/sp/sp.csproj : error NU3028: Package 'Microsoft.Extensions.ApiDescription.Server 3.0.0' from source 'https://api.nuget.org/v3/index.json': The repository countersignature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain
/sp/sp.csproj : error NU3028: Package 'Microsoft.OpenApi 1.2.3' from source 'https://api.nuget.org/v3/index.json': The repository countersignature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain
  Failed to restore /sp/sp.csproj (in 458 ms).
Restore failed.
Post action failed.
Description: Restore NuGet packages required by this project.
Manual instructions: Run 'dotnet restore'
@dasMulli

I opened NuGet/Home#10491 for this

@kitingChris

Same issue. Working directly on Debian.
Tried to add signatureValidationMode to accept.
Added Microsoft news certificate fingerprints as trustedSigners.
Added mozilla/VeriSign_Universal_Root_Certification_Authority to ca-certificate chain and updated ca-certificates.
Nothing worked!

@Apollo9999
Contributor

The error message NU3028: The author primary signature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain means that NuGet cannot verify the signature of the package that you are trying to install. This can happen for a few reasons:

- The package is not signed with a trusted certificate.
- The certificate that is used to sign the package has expired or been revoked.
- The certificate chain for the package is not complete.

To resolve this error, you can try the following:

- Make sure that you are using the latest version of NuGet.
- Make sure that you have the latest version of the certificate chain for the package that you are trying to install. You can usually find this information on the package's website or in the package's README file.
- Try installing the package from a different source, such as the NuGet Gallery or the package's website.
- If you are still having trouble, you can try disabling certificate revocation checking. To do this, set the NUGET_DisableCertificateRevocationCheck environment variable to true.

Important: Disabling certificate revocation checking is not recommended, as it can allow you to install packages that are not trusted. You should only disable certificate revocation checking if you are absolutely sure that you trust the package that you are trying to install.
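
Added example (not part of any comment in this thread, and not NuGet's own code): a small triage script that groups the NU3028/NU3037 lines from a restore log by package and separates timestamp trust failures from plain signature expiry. The verdict names, the `Example.Pkg` line and the rule that an NU3037 alongside an untrusted timestamp is a follow-on error are assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed sample: the first three lines are taken from the restore output
# in this issue; the last line ('Example.Pkg') is invented for contrast.
SAMPLE = """\
/sp/sp.csproj : error NU3028: Package 'Microsoft.OpenApi 1.2.3' from source 'https://api.nuget.org/v3/index.json': The author primary signature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain
/sp/sp.csproj : error NU3037: Package 'Microsoft.OpenApi 1.2.3' from source 'https://api.nuget.org/v3/index.json': The author primary signature validity period has expired.
/sp/sp.csproj : error NU3028: Package 'Microsoft.OpenApi 1.2.3' from source 'https://api.nuget.org/v3/index.json': The repository countersignature's timestamp found a chain building issue: UntrustedRoot: self signed certificate in certificate chain
/sp/sp.csproj : error NU3037: Package 'Example.Pkg 1.0.0' from source 'https://api.nuget.org/v3/index.json': The author primary signature validity period has expired.
"""

LINE_RE = re.compile(
    r"error (?P<code>NU\d{4}): Package '(?P<pkg>[^']+)' from source '[^']+': "
    r"The (?P<sig>author primary signature|repository countersignature)"
    r"(?P<ts>'s timestamp)? (?P<detail>.+)"
)

def parse(log):
    """Group signature-verification errors by package."""
    found = defaultdict(list)
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if m:
            found[m["pkg"]].append({
                "code": m["code"],
                "signature": m["sig"],
                "subject": "timestamp" if m["ts"] else "signature",
                "detail": m["detail"].strip(),
            })
    return dict(found)

def triage(log):
    """Map each package to 'timestamp-trust', 'signature-expired' or 'other'."""
    verdicts = {}
    for pkg, errs in parse(log).items():
        ts_untrusted = any(e["subject"] == "timestamp" and "UntrustedRoot" in e["detail"]
                           for e in errs)
        expired = any(e["code"] == "NU3037" for e in errs)
        if ts_untrusted:
            # Assumption: an untrusted timestamp is the primary fault, and any
            # NU3037 for the same package follows from it.
            verdicts[pkg] = "timestamp-trust"
        elif expired:
            verdicts[pkg] = "signature-expired"
        else:
            verdicts[pkg] = "other"
    return verdicts

if __name__ == "__main__":
    for pkg, verdict in triage(SAMPLE).items():
        print(f"{pkg}: {verdict}")
```

A `timestamp-trust` verdict points at the machine's certificate store (for example the image's ca-certificates package) rather than at the package, so that is the first thing to inspect before changing any validation setting.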
