You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2022/02/21 17:36:22 UTC

[tomcat] branch 9.0.x updated: Temporary workaround for broken DigiCert ONE REST API

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new 6a58fb9  Temporary workaround for broken DigiCert ONE REST API
6a58fb9 is described below

commit 6a58fb9cde6fea3fe54922553bff05a5faa6d9bd
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Feb 21 17:35:42 2022 +0000

    Temporary workaround for broken DigiCert ONE REST API
---
 build.properties.default | 12 ++++++++++--
 build.xml                |  2 ++
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index f0fb460..6bc7de3 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -81,11 +81,19 @@ gpg.exec=/path/to/gpg
 # Code signing of Windows installer
 # See https://infra.apache.org/digicert-use.html for setup instructions
 do.codesigning=false
-codesigning.alias=Tomcat-PMC-cert-2021-11
+#codesigning.alias=Tomcat-PMC-cert-2021-11
 codesigning.digest=SHA-512
-codesigning.storetype=DIGICERTONE
+#codesigning.storetype=DIGICERTONE
 # Set codesigning.storepass in build.properties with the following syntax
 #codesigning.storepass=<api-key>|/path/to/Certificate_pkcs12.p12|<password>
+# Once DigiCert fix the broken REST API
+# - Uncomment alias & storetype above
+# - Remove the four lines below
+# - Remove the keystore field from build.xml
+codesigning.keystore=${user.home}/.digicertone/pkcs11properties.cfg
+codesigning.storepass=NONE
+codesigning.storetype=PKCS11
+codesigning.alias=Tomcat-PMC-key-2021-11
 
 # ----- Settings to use when downloading files -----
 trydownload.httpusecaches=true
diff --git a/build.xml b/build.xml
index 6e24ad4..326d7b1 100644
--- a/build.xml
+++ b/build.xml
@@ -2505,6 +2505,7 @@ skip.installer property in build.properties" />
       unless="skip.installer" depends="-installer-create-uninstaller,setup-jsign"
       if="${do.codesigning}">
     <jsign file="${tomcat.dist}/Uninstall.exe"
+        keystore="${codesigning.keystore}"
         storepass="${codesigning.storepass}"
         storetype="${codesigning.storetype}"
         alias="${codesigning.alias}"
@@ -2533,6 +2534,7 @@ skip.installer property in build.properties" />
       description="Builds and optionally signs the Windows installer"
       depends="-installer,setup-jsign" if="${do.codesigning}" >
     <jsign file="${tomcat.release}/v${version}/bin/${final.name}.exe"
+        keystore="${codesigning.keystore}"
         storepass="${codesigning.storepass}"
         storetype="${codesigning.storetype}"
         alias="${codesigning.alias}"

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org