diff --git a/ansible/MANUAL_STEPS.md b/ansible/MANUAL_STEPS.md index 96449e403..8e55fd20b 100644 --- a/ansible/MANUAL_STEPS.md +++ b/ansible/MANUAL_STEPS.md @@ -128,15 +128,15 @@ As root: * Transfer to release machine (scp to /tmp) * `sudo security import /tmp/Apple\ Developer\ ID\ Node.js\ Foundation.p12 -k /Library/Keychains/System.keychain -T /usr/bin/codesign -T /usr/bin/productsign -P 'XXXX'` (where XXXX is found in secrets/build/release/apple.md) (`security unlock-keychain -u /Library/Keychains/System.keychain` _may_ be required prior to running this command). -#### Validating certificates are in date +#### Validating certificates are in date and valid -1. security -i unlock-keychain (Enter the password for the machine located in secrets) -2. security find-certificate -c "Developer ID Application" -p > /tmp/app.cert (outputs the PEM format of the cert so we can properly inspect it) -3. security find-certificate -c "Developer ID Installer" -p > /tmp/installer.cert -4. openssl x509 -inform PEM -text -in /tmp/app.cert | less -5. openssl x509 -inform PEM -text -in /tmp/installer.cert | less - -The last two steps will show the details of the certificates allowing to see expiry dates. +1. `security -i unlock-keychain` Enter the password for the machine located in secrets +2. `security find-certificate -c "Developer ID Application" -p > /tmp/app.cert` outputs the PEM format of the cert so we can properly inspect it +3. `security find-certificate -c "Developer ID Installer" -p > /tmp/installer.cert` +4. `openssl x509 -inform PEM -text -in /tmp/app.cert | less` +5. `openssl x509 -inform PEM -text -in /tmp/installer.cert | less` +6. `security find-identity -p codesigning -v` +The steps 4 and 5 will show the details of the certificates allowing to see expiry dates. Example: @@ -145,6 +145,15 @@ Not Before: Jan 22 03:40:05 2020 GMT Not After : Jan 22 03:40:05 2025 GMT ``` +The step 6 will show the list of certificates available on the machine. + +Example: + +``` + 1) XXXXXXXXXXX "Developer ID Application: Node.js Foundation (XXXXXXX)" +1 valid identities found +``` + ## macOS 1. Update Sudoers file: