Bugzilla – Bug 5468
Routine for renewing code signing certificates
Last modified: 2015-09-25 13:54:28
You need to
before you can comment on or make changes to this bug.
We now have two different certificates for code signing:
1) A cert from Go Daddy, used for signing the Windows client and the Java
Client verifier. The current cert expires "Oct 12 14:30:42 2015 GMT".
2) A cert from Apple, used for signing the OS X Client. The current cert
expires "Mar 12 10:31:50 2020 GMT".
We need some routine for making sure that these certs are re-newed in time.
Moved everything to a pki/ folder in r30706 for easier handling. Then added
some expiration checks as a Makefile target in r30707. Finally I've modified
the test script on chavez to run these tests as part of the automatic tests.
As a note, these tests couldn't easily be integrated into the other automatic
tests as those are run against an installed copy of ThinLinc, not the source
Verified the `make check` with expired certificate, works good.
Added bug 5624 for missing information about how to renew these certificates.