On 21/02/2022 17:36, ma...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 7c54e36 Temporary workaround for broken DigiCert ONE REST API
7c54e36 is described below
commit 7c54e369e87f1eedd50e42f895c2b0cd058e30b8
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Feb 21 17:35:42 2022 +0000
Temporary workaround for broken DigiCert ONE REST API
DigiCert support claim that this will be fixed in the 1st March patch.
I'll test things towards the end of next week to confirm.
Mark
---
build.properties.default | 12 ++++++++++--
build.xml | 2 ++
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index f5d1ef1..cba8cb0 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -79,11 +79,19 @@ gpg.exec=/path/to/gpg
# Code signing of Windows installer
# See https://infra.apache.org/digicert-use.html for setup instructions
do.codesigning=false
-codesigning.alias=Tomcat-PMC-cert-2021-11
+#codesigning.alias=Tomcat-PMC-cert-2021-11
codesigning.digest=SHA-512
-codesigning.storetype=DIGICERTONE
+#codesigning.storetype=DIGICERTONE
# Set codesigning.storepass in build.properties with the following syntax
#codesigning.storepass=<api-key>|/path/to/Certificate_pkcs12.p12|<password>
+# Once DigiCert fix the broken REST API
+# - Uncomment alias & storetype above
+# - Remove the four lines below
+# - Remove the keystore field from build.xml
+codesigning.keystore=${user.home}/.digicertone/pkcs11properties.cfg
+codesigning.storepass=NONE
+codesigning.storetype=PKCS11
+codesigning.alias=Tomcat-PMC-key-2021-11
# ----- Settings to use when downloading files -----
trydownload.httpusecaches=true
diff --git a/build.xml b/build.xml
index 54cd5fd..fb5c56a 100644
--- a/build.xml
+++ b/build.xml
@@ -2562,6 +2562,7 @@ skip.installer property in build.properties" />
unless="skip.installer"
depends="-installer-create-uninstaller,setup-jsign"
if="${do.codesigning}">
<jsign file="${tomcat.dist}/Uninstall.exe"
+ keystore="${codesigning.keystore}"
storepass="${codesigning.storepass}"
storetype="${codesigning.storetype}"
alias="${codesigning.alias}"
@@ -2590,6 +2591,7 @@ skip.installer property in build.properties" />
description="Builds and optionally signs the Windows installer"
depends="-installer,setup-jsign" if="${do.codesigning}" >
<jsign file="${tomcat.release}/v${version}/bin/${final.name}.exe"
+ keystore="${codesigning.keystore}"
storepass="${codesigning.storepass}"
storetype="${codesigning.storetype}"
alias="${codesigning.alias}"
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
