Bug 5620 - New codesigning certificate
Summary: New codesigning certificate
Status: CLOSED FIXED
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Other (show other bugs)
Version: trunk
Hardware: PC Unknown
: P2 Normal
Target Milestone: 4.5.0
Assignee: Peter Åstrand
URL:
Keywords: hean01_tester, prosaic
: 5624 (view as bug list)
Depends on:
Blocks:
 
Reported: 2015-08-27 13:32 CEST by Peter Åstrand
Modified: 2015-09-04 13:06 CEST (History)
2 users (show)

See Also:
Acceptance Criteria:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Peter Åstrand cendio 2015-08-27 13:32:38 CEST 
This is the bug corresponding to Issue 17128. We need a new codesigning certificate.
Comment 1 Peter Åstrand cendio 2015-08-27 13:38:07 CEST 
Fixed in 30705. Note that the new certicate is SHA-256 rather than SHA-1. The tester should test:

* Windows client installer on common Windows versions. 

* The Java client verifier.
Comment 2 Peter Åstrand cendio 2015-09-01 13:14:48 CEST 
*** Bug 5624 has been marked as a duplicate of this bug. ***
Comment 3 Peter Åstrand cendio 2015-09-01 13:15:34 CEST 
From 5624:

"With bug 5468, certificates was moved to ctc/pki and while testing that bug i
noticed there was no info about how to update."
Comment 4 Peter Åstrand cendio 2015-09-02 15:21:10 CEST 
(In reply to comment #3)
> From 5624:
> 
> "With bug 5468, certificates was moved to ctc/pki and while testing that bug i
> noticed there was no info about how to update."

Fixed in 30733.
Comment 5 Henrik Andersson cendio 2015-09-03 07:56:09 CEST 
(In reply to comment #1)
> Fixed in 30705. Note that the new certicate is SHA-256 rather than SHA-1. The
> tester should test:
> 
> * Windows client installer on common Windows versions. 
> 

Verified that the new certificate was used for signing the installer.
Comment 6 Henrik Andersson cendio 2015-09-03 08:30:25 CEST 
(In reply to comment #1)
> Fixed in 30705. Note that the new certicate is SHA-256 rather than SHA-1. The
> tester should test:
> 
> * Windows client installer on common Windows versions. 
> 
> * The Java client verifier.

Verified that the new certificate was used to sign files in ThinLincClientVerifier.jar:

  jarsigner -verify -certs -verbose ThinLincClientVerifier.jar
Comment 7 Henrik Andersson cendio 2015-09-03 08:44:43 CEST 
(In reply to comment #4)
> (In reply to comment #3)
> > From 5624:
> > 
> > "With bug 5468, certificates was moved to ctc/pki and while testing that bug i
> > noticed there was no info about how to update."
> 
> Fixed in 30733.

There is no information about the apple certificate except that one exists...

Also the text describing GoDaddy cert usage for signing Windows stuff is not true, the ThinLincClientVerifier.jar file not just windows... Maybe rephrase like:

  One from GoDaddy, used for normal code signing
Comment 9 Henrik Andersson cendio 2015-09-04 13:06:26 CEST 
Looks good.

Closing.
Note You need to log in before you can comment on or make changes to this bug.