Skip to content

Commit

Permalink
docs: improved manual steps for macOS (#3565)
Browse files Browse the repository at this point in the history
  • Loading branch information
UlisesGascon authored Nov 8, 2023
1 parent 71a3505 commit b0675c5
Showing 1 changed file with 17 additions and 8 deletions.
25 changes: 17 additions & 8 deletions ansible/MANUAL_STEPS.md
Original file line number Diff line number Diff line change
Expand Up @@ -128,15 +128,15 @@ As root:
* Transfer to release machine (scp to /tmp)
* `sudo security import /tmp/Apple\ Developer\ ID\ Node.js\ Foundation.p12 -k /Library/Keychains/System.keychain -T /usr/bin/codesign -T /usr/bin/productsign -P 'XXXX'` (where XXXX is found in secrets/build/release/apple.md) (`security unlock-keychain -u /Library/Keychains/System.keychain` _may_ be required prior to running this command).

#### Validating certificates are in date
#### Validating certificates are in date and valid

1. security -i unlock-keychain (Enter the password for the machine located in secrets)
2. security find-certificate -c "Developer ID Application" -p > /tmp/app.cert (outputs the PEM format of the cert so we can properly inspect it)
3. security find-certificate -c "Developer ID Installer" -p > /tmp/installer.cert
4. openssl x509 -inform PEM -text -in /tmp/app.cert | less
5. openssl x509 -inform PEM -text -in /tmp/installer.cert | less

The last two steps will show the details of the certificates allowing to see expiry dates.
1. `security -i unlock-keychain` Enter the password for the machine located in secrets
2. `security find-certificate -c "Developer ID Application" -p > /tmp/app.cert` outputs the PEM format of the cert so we can properly inspect it
3. `security find-certificate -c "Developer ID Installer" -p > /tmp/installer.cert`
4. `openssl x509 -inform PEM -text -in /tmp/app.cert | less`
5. `openssl x509 -inform PEM -text -in /tmp/installer.cert | less`
6. `security find-identity -p codesigning -v`
The steps 4 and 5 will show the details of the certificates allowing to see expiry dates.

Example:

Expand All @@ -145,6 +145,15 @@ Not Before: Jan 22 03:40:05 2020 GMT
Not After : Jan 22 03:40:05 2025 GMT
```

The step 6 will show the list of certificates available on the machine.

Example:

```
1) XXXXXXXXXXX "Developer ID Application: Node.js Foundation (XXXXXXX)"
1 valid identities found
```

## macOS
1. Update Sudoers file:

Expand Down

0 comments on commit b0675c5

Please sign in to comment.