Univention Bugzilla – Bug 35849
Rebuild gplpv driver with new signing cert (old certificate has expired)
Last modified: 2014-11-07 12:30:09 CET
We need to rebuild the GPLPV driver (version 0.9.372) with the new signing certificate. The old one has expired.
Rebuild version 372 with the new certifiacte (valid until 10.10.2017) YAML: 2014-09-12-univention-xen-gplpv.yaml
Reopen: As discussed, somehow the new certificates seem not to be made for signing driver software. System times are correct, but windows refuses to install the drivers, claiming it can not verify the signature (tested with Win 7). Everything looks fine and the certificate chain is valid, the same certificate chain is used. A small difference i spotted is the certificate requester is missing "OU=Digital ID Class 3 - Microsoft Software Validation V2" in the new certificate.
Fresh install of the newly signed drivers works fine. Only the update case is affected by the invalid signature message.
OK, rebuild version 372 with the new certificate and increased the gplpv BUILD_NUMBER to 373 to make that update work (seems that during update with the same version number the driver files are not really updated).
OK: Install and update on 32 and 64 bit OK: Certificate warning is gone, new signing is valid until 10.10.2017 I updated the yaml file to point out that the driver version was raised. Verified
http://errata.univention.de/ucs/3.2/226.html