Bug 5468 - Routine for renewing code signing certificates
Summary: Routine for renewing code signing certificates
Status: CLOSED FIXED
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Build system (show other bugs)
Version: trunk
Hardware: PC Unknown
: P2 Normal
Target Milestone: 4.5.0
Assignee: Pierre Ossman
URL:
Keywords: hean01_tester, prosaic
Depends on:
Blocks:
 
Reported: 2015-03-12 15:46 CET by Peter Åstrand
Modified: 2015-09-25 13:54 CEST (History)
2 users (show)

See Also:
Acceptance Criteria:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Peter Åstrand cendio 2015-03-12 15:46:14 CET 
We now have two different certificates for code signing:

1) A cert from Go Daddy, used for signing the Windows client and the Java Client verifier. The current cert expires "Oct 12 14:30:42 2015 GMT". 

2) A cert from Apple, used for signing the OS X Client. The current cert expires "Mar 12 10:31:50 2020 GMT". 

We need some routine for making sure that these certs are re-newed in time.
Comment 1 Pierre Ossman cendio 2015-08-27 16:50:24 CEST 
Moved everything to a pki/ folder in r30706 for easier handling. Then added some expiration checks as a Makefile target in r30707. Finally I've modified the test script on chavez to run these tests as part of the automatic tests.
Comment 2 Pierre Ossman cendio 2015-08-27 16:51:08 CEST 
As a note, these tests couldn't easily be integrated into the other automatic tests as those are run against an installed copy of ThinLinc, not the source tree.
Comment 4 Henrik Andersson cendio 2015-08-31 11:13:04 CEST 
Verified the `make check` with expired certificate, works good.
Comment 5 Henrik Andersson cendio 2015-08-31 12:08:07 CEST 
Added bug 5624 for missing information about how to renew these certificates.
Note You need to log in before you can comment on or make changes to this bug.