This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 7e7dbac Update to JSign 4.0 to remove dependency on client tools.
7e7dbac is described below
commit 7e7dbacc1d66cf4d50af3a4e77ee9e8509b51c0d
Author: Mark Thomas <[email protected]>
AuthorDate: Tue Aug 17 20:37:01 2021 +0100
Update to JSign 4.0 to remove dependency on client tools.
---
build.properties.default | 13 +++++++------
build.xml | 16 +++++++---------
webapps/docs/changelog.xml | 4 ++++
3 files changed, 18 insertions(+), 15 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index 0a17af9..adb76cf 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -78,9 +78,10 @@ gpg.exec=/path/to/gpg
# Code signing of Windows installer
# See https://infra.apache.org/digicert-use.html for setup instructions
do.codesigning=false
-codesigning.pkcs11properties=${user.home}/.digicertone/pkcs11properties.cfg
-codesigning.alias=Tomcat-PMC-key-2021-04
+codesigning.alias=Tomcat-PMC-cert-2021-04
codesigning.digest=SHA-512
+codesigning.storetype=DIGICERTONE
+codesigning.storepass=set-this-in-build.properties
# ----- Settings to use when downloading files -----
trydownload.httpusecaches=true
@@ -297,15 +298,15 @@ findbugs.home=${base.path}/spotbugs-${findbugs.version}
findbugs.jar=${findbugs.home}/lib/spotbugs-ant.jar
findbugs.loc=${base-maven.loc}/com/github/spotbugs/spotbugs/${findbugs.version}/spotbugs-${findbugs.version}.tgz
-# ----- JSign, version 3.1 -----
+# ----- JSign, version 4.0 -----
# JSign 3.0 onwards requires Java 8 by default
# Use Java 7 build
-jsign.version=3.1
+jsign.version=4.0
-# checksums for JSign 3.1
+# checksums for JSign 4.0
jsign.checksum.enabled=true
jsign.checksum.algorithm=SHA-512
-jsign.checksum.value=481a6e7276688363106ee3492da52807577822b8114b13804df796cd143f479a50d0864215f63b9bb8120a85b2f6185b2845974872d11ff070407dd01879bb0e
+jsign.checksum.value=14e4de1755df3a616ef2725f54542a532c7b86d6fdbc214e355554c554068471e74f348eeafebf3074afcbec53786e5b3219de61cb52ad9b01120f03c304a4e9
jsign.home=${base.path}/jsign-${jsign.version}-java7
jsign.jar=${jsign.home}/jsign-${jsign.version}-java7.jar
diff --git a/build.xml b/build.xml
index d30526a..15c8fb8 100644
--- a/build.xml
+++ b/build.xml
@@ -2288,9 +2288,8 @@ skip.installer property in build.properties" />
unless="skip.installer"
depends="-installer-create-uninstaller,setup-jsign"
if="${do.codesigning}">
<jsign file="${tomcat.dist}/Uninstall.exe"
- keystore="${codesigning.pkcs11properties}"
- storepass="NONE"
- storetype="PKCS11"
+ storepass="${codesigning.storepass}"
+ storetype="${codesigning.storetype}"
alias="${codesigning.alias}"
alg="${codesigning.digest}"
tsaurl="http://timestamp.digicert.com"/>
@@ -2317,12 +2316,11 @@ skip.installer property in build.properties" />
description="Builds and optionally signs the Windows installer"
depends="-installer,setup-jsign" if="${do.codesigning}" >
<jsign file="${tomcat.release}/v${version}/bin/${final.name}.exe"
- keystore="${codesigning.pkcs11properties}"
- storepass="NONE"
- storetype="PKCS11"
- alias="${codesigning.alias}"
- alg="${codesigning.digest}"
- tsaurl="http://timestamp.digicert.com"/>
+ storepass="${codesigning.storepass}"
+ storetype="${codesigning.storetype}"
+ alias="${codesigning.alias}"
+ alg="${codesigning.digest}"
+ tsaurl="http://timestamp.digicert.com"/>
<!-- .exe has changed so need to redo checksums and OpenPGP signature -->
<delete file="${tomcat.release}/v${version}/bin/${final.name}.exe.asc" />
<delete file="${tomcat.release}/v${version}/bin/${final.name}.exe.sha512"
/>
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 2fa5c43..9666a16 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -168,6 +168,10 @@
Fix failing build when building on non-English locales. Pull request
<pr>441</pr> provided by Dachuan J. (markt)
</fix>
+ <update>
+ Update to JSign version 4.0 to enable code signing without the need for
+ the installation of additional client tools. (markt)
+ </update>
</changelog>
</subsection>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
