You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Mark Thomas <ma...@apache.org> on 2018/02/07 09:43:38 UTC
Symantec code signing issues - again :(
Yet again we are having issues with the Symantec code signing service.
The certificate associated with the API user we use to sign Tomcat
releases expires at the end of March. As the designated contact, I got
the renewal notice yesterday.
I've just tried to complete the renewal. The first step asks for the API
user name and password. When I provide them (and I know they are right
because they are copy and pasted from the same file I use for releases)
I receive "The user name and/or password is incorrect".
I tried a password reset just in case something got out of sync at
Symantec's end but no joy.
I'm not going to bother opening a support ticket. Experience tells me it
will be a waste of time. I'm going to go direct to our friendly, helpful
technical contact as that is the only way we ever seem to get stuff fixed.
I'm not expecting this to impact the 8.0.x release.
Once the issue is resolved, I'll renew the credentials and update our
shared copy.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: Symantec code signing issues - again :(
Posted by Mark Thomas <ma...@apache.org>.
On 07/02/18 09:43, Mark Thomas wrote:
> Yet again we are having issues with the Symantec code signing service.
>
> The certificate associated with the API user we use to sign Tomcat
> releases expires at the end of March. As the designated contact, I got
> the renewal notice yesterday.
>
> I've just tried to complete the renewal. The first step asks for the API
> user name and password. When I provide them (and I know they are right
> because they are copy and pasted from the same file I use for releases)
> I receive "The user name and/or password is incorrect".
>
> I tried a password reset just in case something got out of sync at
> Symantec's end but no joy.
>
> I'm not going to bother opening a support ticket. Experience tells me it
> will be a waste of time. I'm going to go direct to our friendly, helpful
> technical contact as that is the only way we ever seem to get stuff fixed.
>
> I'm not expecting this to impact the 8.0.x release.
>
> Once the issue is resolved, I'll renew the credentials and update our
> shared copy.
As always our friendly technical contact got this resolved with the
minimum of fuss. It was a work-around (re-sending the client auth
pick-up link for the API users) so the root cause is still unknown.
This does mean the API user certificate for the code signing has
changed. I've updated the shared copy.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org