[sakai2-tcc] Blocker in the release

Matthew Jones matthew at longsight.com
Thu May 30 22:18:09 PDT 2013 

Thanks! About to get on airplane for conference so will get this straight
tomorrow. Still before conference!
On May 30, 2013 5:30 PM, "Anthony Whyte" <arwhyte at umich.edu> wrote:

> Downloaded the cert again, deleted contents of keystore, re-imported cert,
> mailed keystore zip to Matt.
>
> slovo:keystore-20130402 arwhyte$ keytool -list -v -keystore sakai.keystore
> -alias sakai
> Enter keystore password: @#(*$(@)
> Alias name: guessme
> Creation date: May 30, 2013
> Entry type: trustedCertEntry
>
> Owner: CN=Sakai Foundation, OU=Sakai Project, O=Sakai Foundation, L=Ann
> Arbor, ST=Michigan, C=US
> Issuer: CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US
> Serial number: 426c249a122332236c8a8cbba63ea498
> Valid from: Tue Apr 02 20:00:00 EDT 2013 until: Tue Jun 24 19:59:59 EDT
> 2014
> Certificate fingerprints:
>          MD5:  F9:DE:77:CB:83:B1:36:DE:B2:E9:24:69:29:14:EA:75
>          SHA1: C6:50:89:A3:A0:A2:01:98:C6:35:6B:BF:5D:41:28:D7:73:6B:F3:55
>          Signature algorithm name: SHA1withRSA
>          Version: 3
>
> Extensions:
>
> #1: ObjectId: 2.5.29.19 Criticality=true
> BasicConstraints:[
>   CA:false
>   PathLen: undefined
> ]
>
> #2: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
> AuthorityInfoAccess [
>   [
>    accessMethod: 1.3.6.1.5.5.7.48.1
>    accessLocation: URIName: http://ocsp.thawte.com]
> ]
>
> #3: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
> NetscapeCertType [
>    Object Signing
> ]
>
> #4: ObjectId: 2.5.29.31 Criticality=false
> CRLDistributionPoints [
>   [DistributionPoint:
>      [URIName: http://cs-g2-crl.thawte.com/ThawteCSG2.crl]
> ]]
>
> #5: ObjectId: 2.5.29.37 Criticality=false
> ExtendedKeyUsages [
>   codeSigning
>   1.3.6.1.4.1.311.2.1.22
> ]
>
> #6: ObjectId: 2.5.29.4 Criticality=false
>
>
>
>
>
> On May 30, 2013, at 3:47 PM, Beth Kirschner wrote:
>
> > Hmm. We may have to wait for Anthony or Sam :-/
> >
> > - Beth
> >
> > On May 30, 2013, at 3:27 PM, Matthew Jones <matthew at longsight.com>
> wrote:
> >
> >> In the zip there are 4 files.
> >>
> >>     4678  04-03-13 13:32   sakai.cer.pkcs7
> >>     1509  04-03-13 15:41   sakai.cer.x509
> >>     1047  04-02-13 17:41   sakai.csr
> >>     2253  04-02-13 17:39   sakai.keystore
> >>
> >> There is no crt file. The keystore only contains a private key that
> seems to only be signed for 3 months. There is nothing else that comes up
> in the keystore like the old keys.
> >>
> >> keytool -list -v -keystore sakai.keystore
> >>
> >> Owner: CN=Sakai Foundation, OU=Sakai Project, O=Sakai Foundation, L=Ann
> Arbor, ST=Michigan, C=US
> >> Issuer: CN=Sakai Foundation, OU=Sakai Project, O=Sakai Foundation,
> L=Ann Arbor, ST=Michigan, C=US
> >> Serial number:
> >> Valid from: Wed Apr 03 00:39:21 GMT 2013 until: Tue Jul 02 00:39:21 GMT
> 2013
> >>
> >> Everything I've tried with keytool and the other files has lead to
> errors either on the jarsigner or on trying to import it into keytool.
> >>
> >>
> >> On Thu, May 30, 2013 at 3:24 PM, Beth Kirschner <bkirschn at umich.edu>
> wrote:
> >> Here's my notes from doing this sort of thing in the past:
> >>
> >>   # default jre keystore $JAVA_HOME/jre/lib/security/cacerts
> >>   # default jre keystore password: changeit
> >>   # importing trusted cert into keystore
> >>   $ keytool -import -keystore cacerts -file server.crt -alias samigo
> >>
> >> - Beth
> >>
> >> On May 30, 2013, at 3:00 PM, Matthew Jones <matthew at longsight.com>
> wrote:
> >>
> >>> The release has encountered a snag which I don't have time at the
> moment to figure out as I have to fly in a few hours.
> >>>
> >>> The code signing certificate for the samigo audio jar expires in a
> couple of days and we were going to sign the new release jar with a new
> key. This key was purchased back in April but I didn't try doing anything
> with it until today. It looks like it might contain everything that is
> needed, but the sakai.keystore is incomplete and I don't know how to import
> the keys into the keystore.
> >>>
> >>> Anthony did this in the past and prepared this package this time. I
> have contacted him as well as Sam and I believe both are travelling so this
> might not be done until tomorrow at this point. This is just a heads up
> update.
> >>>
> >>> I'd planned to have this out today, but spent an hour on this already
> getting nowhere. Either I'm missing a file, the initial private key is
> wrong, or I'm just not running the right command.
> >>>
> >>> The 2.9.x nightly will be down and the 2.9.x-all build will not work
> until this is resolved.
> >>> _______________________________________________
> >>> sakai2-tcc mailing list
> >>> sakai2-tcc at collab.sakaiproject.org
> >>> http://collab.sakaiproject.org/mailman/listinfo/sakai2-tcc
> >>
> >>
> >
> > _______________________________________________
> > sakai2-tcc mailing list
> > sakai2-tcc at collab.sakaiproject.org
> > http://collab.sakaiproject.org/mailman/listinfo/sakai2-tcc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai2-tcc/attachments/20130531/86b2a287/attachment-0001.html

More information about the sakai2-tcc mailing list