release: capture nuget signing cert

NuGet requires that signed packages have a matching registered signing
certificate [1]. Update release workflow to capture this certificate from the Sign
CLI tool and upload it as a release artifact.

1: https://learn.microsoft.com/en-us/nuget/create-packages/sign-a-package#register-the-certificate-on-nugetorg

Author: ldennington

.github/workflows/release.yml

@@ -464,13 +464,18 @@ jobs:
           -u "https://github.com/git-ecosystem/git-credential-manager" `
           -acst $env:ACST `
           -acsi $env:ACSI `
-          -acss $env:ACSS
+          -acss $env:ACSS `
+          -acsc nuget-signing-certificate.cer
+
+        mv nupkg/* .
 
-    - name: Publish signed package
+    - name: Publish signed package and certificate
       uses: actions/upload-artifact@v4
       with:
         name: dotnet-tool-sign
-        path: nupkg/*.nupkg
+        path: |
+          *.nupkg
+          *.cer
 
 # ================================
 #           Validate