Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-37567

Setup code signing to be able to release Remoting without Kohsuke

    • Icon: Task Task
    • Resolution: Fixed
    • Icon: Critical Critical
    • core, remoting
    • None

      Currently remoting can be released by kohsuke only, and it complicates the things especially since we want to establish a remoting backporting flow for remoting 2.

      I should get a verified key and start releasing remoting without it.
      Getting of the organization key is complicated according to our last investigation

          [JENKINS-37567] Setup code signing to be able to release Remoting without Kohsuke

          Oleg Nenashev created issue -
          Oleg Nenashev made changes -
          Epic Link New: JENKINS-37564 [ 173676 ]
          Oleg Nenashev made changes -
          Epic Link Original: JENKINS-37564 [ 173676 ] New: JENKINS-38833 [ 175240 ]

          Oleg Nenashev added a comment -

          The certificate got delayed

          Oleg Nenashev added a comment - The certificate got delayed
          Oleg Nenashev made changes -
          Assignee New: Oleg Nenashev [ oleg_nenashev ]
          Oleg Nenashev made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Oleg Nenashev made changes -
          Attachment New: remoting-3.8-SNAPSHOT.jar [ 37485 ]

          Oleg Nenashev added a comment -

          Created pull request with patches: #158

          I have attached JAR to the JIRA ticket. I would appreciate if somebody could test it and confirm that JAR is being considered as signed by a trusted source. It is critical for JNLP start on Windows at least. CC @slide and @jtnord since they maybe have a ready environment for it. If required, I can try to package Jenkins core with a signed version.

           

          remoting-3.8-SNAPSHOT.jar

          Oleg Nenashev added a comment - Created pull request with patches: #158 I have attached JAR to the JIRA ticket. I would appreciate if somebody could test it and confirm that JAR is being considered as signed by a trusted source. It is critical for JNLP start on Windows at least. CC @slide and @jtnord since they maybe have a ready environment for it. If required, I can try to package Jenkins core with a signed version.   remoting-3.8-SNAPSHOT.jar
          Oleg Nenashev made changes -
          Status Original: In Progress [ 3 ] New: In Review [ 10005 ]

          Andrew Bayer added a comment -

          Worked fine on OS X in a quick test.

          Andrew Bayer added a comment - Worked fine on OS X in a quick test.

            oleg_nenashev Oleg Nenashev
            oleg_nenashev Oleg Nenashev
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: