www.cendio.com
Bug 5468 - Routine for renewing code signing certificates
: Routine for renewing code signing certificates
Status: CLOSED FIXED
: ThinLinc
Build system
: trunk
: PC Unknown
: P2 Normal
: 4.5.0
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2015-03-12 15:46 by
Modified: 2015-09-25 13:54 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From cendio 2015-03-12 15:46:14
We now have two different certificates for code signing:

1) A cert from Go Daddy, used for signing the Windows client and the Java
Client verifier. The current cert expires "Oct 12 14:30:42 2015 GMT". 

2) A cert from Apple, used for signing the OS X Client. The current cert
expires "Mar 12 10:31:50 2020 GMT". 

We need some routine for making sure that these certs are re-newed in time.
------- Comment #1 From cendio 2015-08-27 16:50:24 -------
Moved everything to a pki/ folder in r30706 for easier handling. Then added
some expiration checks as a Makefile target in r30707. Finally I've modified
the test script on chavez to run these tests as part of the automatic tests.
------- Comment #2 From cendio 2015-08-27 16:51:08 -------
As a note, these tests couldn't easily be integrated into the other automatic
tests as those are run against an installed copy of ThinLinc, not the source
tree.
------- Comment #4 From cendio 2015-08-31 11:13:04 -------
Verified the `make check` with expired certificate, works good.
------- Comment #5 From cendio 2015-08-31 12:08:07 -------
Added bug 5624 for missing information about how to renew these certificates.