(tomcat) branch main updated: Switch from DigiCert ONE to ssl.com eSigner for code signing

Wed, 23 Oct 2024 00:33:29 -0700 

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
     new f935129388 Switch from DigiCert ONE to ssl.com eSigner for code signing
f935129388 is described below

commit f9351293887de8d47ffc5c2a30a087ad08575aa9
Author: Mark Thomas <[email protected]>
AuthorDate: Wed Oct 23 08:32:36 2024 +0100

    Switch from DigiCert ONE to ssl.com eSigner for code signing
---
 build.properties.default | 10 ++++++----
 build.xml                |  8 ++++++--
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/build.properties.default b/build.properties.default
index 89203c04b2..2dcea7427c 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -95,11 +95,13 @@ gpg.exec=/path/to/gpg
 # Code signing of Windows installer
 # See https://infra.apache.org/digicert-use.html for setup instructions
 do.codesigning=false
-codesigning.alias=Tomcat-PMC-cert-2023-11
-codesigning.digest=SHA-512
-codesigning.storetype=DIGICERTONE
+codesigning.alias=d97c5110-c66a-4c0c-ac0c-1cd6af812ee6
+codesigning.digest=SHA256
+codesigning.storetype=ESIGNER
 # Set codesigning.storepass in build.properties with the following syntax
-#codesigning.storepass=<api-key>|/path/to/Certificate_pkcs12.p12|<password>
+#codesigning.storepass=<ssl.com user name>|<ssl.com password>
+# Set codesigning.keypass in build.properties with the following syntax
+#codesigning.keypass=<ssl.com TOTP secret>
 
 # ----- Settings to control downloading of files -----
 execute.download=true
diff --git a/build.xml b/build.xml
index 902d981f97..e7618de3dd 100644
--- a/build.xml
+++ b/build.xml
@@ -2657,9 +2657,11 @@ skip.installer property in build.properties" />
     <jsign file="${tomcat.dist}/Uninstall.exe"
         storepass="${codesigning.storepass}"
         storetype="${codesigning.storetype}"
+        keypass="${codesigning.keypass}"
         alias="${codesigning.alias}"
         alg="${codesigning.digest}"
-        tsaurl="http://timestamp.digicert.com";
+        tsaurl="http://ts.ssl.com";
+        tsmode="RFC3161"
         detached="true"/>
     <!-- Copy detached signature to source tree -->
     <copy file="${tomcat.dist}/Uninstall.exe.sig" todir="res/install-win"/>
@@ -2692,9 +2694,11 @@ skip.installer property in build.properties" />
     <jsign file="${tomcat.release}/v${version}/bin/${final.name}.exe"
         storepass="${codesigning.storepass}"
         storetype="${codesigning.storetype}"
+        keypass="${codesigning.keypass}"
         alias="${codesigning.alias}"
         alg="${codesigning.digest}"
-        tsaurl="http://timestamp.digicert.com";
+        tsaurl="http://ts.ssl.com";
+        tsmode="RFC3161"
         detached="true" />
     <!-- Copy detached signature to source tree -->
     <copy file="${tomcat.release}/v${version}/bin/${final.name}.exe.sig"


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to