In #16049 we added support for signature verification on Linux. This involved bringing 2 .pem files from the SDK into our aspire-managed.exe.
In order to get NuGet to use these .pem files, we needed to resort to reflecting on internals of NuGet.
Once there is a NuGet version with Aot compatible: NuGet.Packaging (NuGet/NuGet.Client#7197) fixed, we can remove this reflection and instead write the files to a folder named trustedroots next to our executable and NuGet will pick up the .pem files without needing for reflection.
This issue is tracking making that change once the available fixes are available.
In #16049 we added support for signature verification on Linux. This involved bringing 2 .pem files from the SDK into our aspire-managed.exe.
In order to get NuGet to use these .pem files, we needed to resort to reflecting on internals of NuGet.
Once there is a NuGet version with Aot compatible: NuGet.Packaging (NuGet/NuGet.Client#7197) fixed, we can remove this reflection and instead write the files to a folder named
trustedrootsnext to our executable and NuGet will pick up the .pem files without needing for reflection.This issue is tracking making that change once the available fixes are available.