ILMerge is an excellent tool for “linking” multiple assemblies into one.  But one of its switches, /keyfile:, which allows it to sign the resulting merged assembly, only accepts .snk files.  It reports no error if you feed it a password-protected .pfx key-pair file, but the resulting assembly is invalid. 

>ilmerge /keyfile:some.pfx /out:mergedsome.dll some.dll someother.dll

>sn -v mergedsome.dll

Microsoft (R) .NET Framework Strong Name Utility  Version 3.5.30729.1
Copyright (c) Microsoft Corporation.  All rights reserved.

mergedsome.dll is a delay-signed or test-signed assembly

>sn -R mergedsome.dll some.pfx

Failed to read token from assembly -- The public key for assembly 'mergedsome.dll' was invalid.

So ILMerge was generating an assembly that strong name verification reported was delay-signed, and which sn.exe could not re-sign either. 

I shot an email off to Mike Barnett and he was very responsive and interested in helping.  He suggested that I try an ordinary .snk file (a keypair file not protected with a password) and that worked fine.

So how do you get ILMerge to work with .pfx files?  First extract the public key from the pfx file, then use that public key to have ILMerge delay-sign the merged assembly, then use sn.exe to re-sign.  Not too bad, really:

>sn -p some.pfx some.pub
>ilmerge /keyfile:some.pub /delaysign /out:mergedsome.dll some.dll someother.dll
>sn -R mergedsome.dll some.pfx

And now we have an ILMerge’d assembly, signed by your PFX file. Hurray!

3 thoughts on “How to get ILMerge to work with .PFX files”
  1. Ever tried to use ILMerge with WPF or Silverlight? Have a look, it doesn't work.

  2. I came across this while looking for a solution to the ilmerge/pfx issue.

    I have been using ILMerge for silverlight 3 and 4 assemblies for around a year now and have not come across any issues, except the pfx signing one. Although, I still don't have an answer for the pfx issue.

Comments are closed.