Skip to content

Commit eee5be8

Browse files
mwestphallmwestphall
authored
Merge pull request #21 from matyasselmeci/pr/igtf-125.SOFTWARE-5764
Update to IGTF CA certs 1.125; remove EL9 SHA1 workaround for osg-ca-certs
2 parents 09f657f + 878aa60 commit eee5be8

File tree

3 files changed

+26
-7
lines changed

3 files changed

+26
-7
lines changed

CHANGES

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,8 +9,13 @@ the VDT, then please refer to this link:
99
OSG CA Package in new format (md5, sha1 hashes) to support openssl 1.x
1010

1111

12+
===== Version 1.116 (IGTF 1.125) ===========
13+
Built 29 NOV 2023
14+
15+
* updated root certificate ArmeSFo CA with extended validity (AM)
16+
1217
===== Version 1.115 (IGTF 1.124) ===========
13-
Built 31 NOV 2023
18+
Built 31 OCT 2023
1419

1520
* updated contact meta-data for ArmeSFo authority (AM)
1621
* removed discontinued AEGIS authority (RS)

rpm/igtf-ca-certs.spec

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
1-
%define igtf_version 1.124
2-
%define osg_version 1.115
3-
%define release_num 2
1+
%define igtf_version 1.125
2+
%define osg_version 1.116
3+
%define release_num 1
44
%define vtag %{osg_version}.igtf.%{igtf_version}-%{release_num}
55

66
Name: igtf-ca-certs
@@ -61,6 +61,9 @@ sha256sum -c cacerts_sha256sum.txt
6161
%doc
6262

6363
%changelog
64+
* Wed Nov 29 2023 Mátyás Selmeci <[email protected]> - 1.125-1
65+
- Update to IGTF 1.125 (SOFTWARE-5764)
66+
6467
* Tue Oct 31 2023 Mátyás Selmeci <[email protected]> - 1.124-1
6568
- Update to IGTF 1.124 (SOFTWARE-5738)
6669

rpm/osg-ca-certs.spec

Lines changed: 14 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,8 @@
1-
%define igtf_version 1.124
2-
%define osg_version 1.115
3-
%define release_num 2
1+
%define igtf_version 1.125
2+
%define osg_version 1.116
3+
%define release_num 1
44
%define vtag %{osg_version}.igtf.%{igtf_version}-%{release_num}
5+
%define enable_trusted_sha1_certs 0
56

67
Name: osg-ca-certs
78
Version: %{osg_version}
@@ -59,7 +60,14 @@ export CADIST=$PWD/certificates
5960
export PKG_NAME=%{name}
6061

6162
./build-certificates-dir.sh
63+
64+
%if 0%{?enable_trusted_sha1_certs}
6265
./add-trusted-sha1-certs.sh certificates trusted-cert java-cert
66+
%else
67+
# We still want to make the osg-ca-certs and osg-ca-certs-java RPMs
68+
find certificates -name "*.pem" -exec cp '{}' '{}.java-cert' ';'
69+
find certificates -name "*.pem" -exec mv '{}' '{}.trusted-cert' ';'
70+
%endif
6371

6472
%install
6573
mkdir -p $RPM_BUILD_ROOT/etc/grid-security/certificates
@@ -84,6 +92,9 @@ mv certificates/* $RPM_BUILD_ROOT/etc/grid-security/certificates/
8492
%doc
8593

8694
%changelog
95+
* Wed Nov 29 2023 Mátyás Selmeci <[email protected]> - 1.116-1
96+
- Update to IGTF 1.125; remove el9 cert changes (SOFTWARE-5764)
97+
8798
* Thu Nov 9 2023 Matt Westphall <[email protected]> - 1.115-2
8899
- Re-add el9 cert changes, create secondary package with original certs (SOFTWARE-5745)
89100

0 commit comments

Comments
 (0)