www.cendio.com
Bug 5620 - New codesigning certificate
: New codesigning certificate
Status: CLOSED FIXED
: ThinLinc
Other
: trunk
: PC Unknown
: P2 Normal
: 4.5.0
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2015-08-27 13:32 by
Modified: 2015-09-04 13:06 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From cendio 2015-08-27 13:32:38
This is the bug corresponding to Issue 17128. We need a new codesigning
certificate.
------- Comment #1 From cendio 2015-08-27 13:38:07 -------
Fixed in 30705. Note that the new certicate is SHA-256 rather than SHA-1. The
tester should test:

* Windows client installer on common Windows versions. 

* The Java client verifier.
------- Comment #2 From cendio 2015-09-01 13:14:48 -------
*** Bug 5624 has been marked as a duplicate of this bug. ***
------- Comment #3 From cendio 2015-09-01 13:15:34 -------
From 5624:

"With bug 5468, certificates was moved to ctc/pki and while testing that bug i
noticed there was no info about how to update."
------- Comment #4 From cendio 2015-09-02 15:21:10 -------
(In reply to comment #3)
> From 5624:
> 
> "With bug 5468, certificates was moved to ctc/pki and while testing that bug i
> noticed there was no info about how to update."

Fixed in 30733.
------- Comment #5 From cendio 2015-09-03 07:56:09 -------
(In reply to comment #1)
> Fixed in 30705. Note that the new certicate is SHA-256 rather than SHA-1. The
> tester should test:
> 
> * Windows client installer on common Windows versions. 
> 

Verified that the new certificate was used for signing the installer.
------- Comment #6 From cendio 2015-09-03 08:30:25 -------
(In reply to comment #1)
> Fixed in 30705. Note that the new certicate is SHA-256 rather than SHA-1. The
> tester should test:
> 
> * Windows client installer on common Windows versions. 
> 
> * The Java client verifier.

Verified that the new certificate was used to sign files in
ThinLincClientVerifier.jar:

  jarsigner -verify -certs -verbose ThinLincClientVerifier.jar
------- Comment #7 From cendio 2015-09-03 08:44:43 -------
(In reply to comment #4)
> (In reply to comment #3)
> > From 5624:
> > 
> > "With bug 5468, certificates was moved to ctc/pki and while testing that bug i
> > noticed there was no info about how to update."
> 
> Fixed in 30733.

There is no information about the apple certificate except that one exists...

Also the text describing GoDaddy cert usage for signing Windows stuff is not
true, the ThinLincClientVerifier.jar file not just windows... Maybe rephrase
like:

  One from GoDaddy, used for normal code signing
------- Comment #9 From cendio 2015-09-04 13:06:26 -------
Looks good.

Closing.