Closed Bug 1070190 Opened 10 years ago Closed 10 years ago

Record the certificate serial number

Categories

(addons.mozilla.org Graveyard :: Admin/Editor Tools, defect, P1)

Product:
addons.mozilla.org Graveyard
Component:
Admin/Editor Tools
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
2015-02

People

(Reporter: clouserw, Assigned: magopian)

References

Details

(Whiteboard: [qa-]) 

When an add-on is signed we'll discard the private key but we want to record the serial number in case we need to block the add-on in the future.  We should just stick this as a new column in the `files` table.  This bug is about:

* Adding the new column in the files table
* Getting the serial number after the signing (either out of the package or from Trunion - see the dependent bug for the Trunion API) and putting it in the table
Assignee: nobody → olivier
What is the length of the field in database?
I'd make it a varchar(255)
Assignee: olivier → nobody
I don't see anything related to a serial number in the https://wiki.mozilla.org/AMO/SigningService/API page, am I missing something?

Is it the PKCS#7 signature returned by trunion? The value in the following json: {"zigbert.rsa": "MIIKfQYJKoZIhvcNAQcCoIIKbjCCCmoCAQExCzAJBgUrDgMCGgUAMAsGCSq...=="} ?
Flags: needinfo?(rtilder)
Created https://github.com/mozilla/signing-clients/issues/10
PR https://github.com/mozilla/olympia/pull/430
Assignee: nobody → mathieu
Target Milestone: --- → 2015-02
Fixed in https://github.com/mozilla/olympia/pull/430
Status: NEW → RESOLVED
Closed: 10 years ago
Flags: needinfo?(rtilder)
Resolution: --- → FIXED
Whiteboard: [qa-]
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.