Am Freitag, 10. April 2020, 09:25:27 CEST schrieb Andreas Schwab:
On Apr 10 2020, Hans-Peter Jansen wrote:
so the issue boils down to: where does _projectcert.crt come from and how is it injected into the build?
It is the project SSL cert (osc signkey --sslcert), injected by bs_worker:getsslcert.
Andreas, Thanks for your reply. If I understand you correctly, osc -A https://local-obs-server signkey TopLevelProject should return the project's gpg key. While the Web-UI shows that one nicely, osc doesn't: Server returned an error: HTTP Error 404: TopLevelProject no pubkey available TopLevelProject: no pubkey available Okay, a new key is needed (why, the whole OBS setup is new, including the gpg setup). After: osc -A https://local-obs-server signkey --create TopLevelProject and a project page reload(!), the key changed, and now, this dialog has got a new <SSL Cert.> button, unfortunately with a much shorter expiry date. Hopefully the kernel builds are able to pick this one up, but rebuilding the whole project is joy. :-( Will know about the outcome later today. This leaves the question, how to generate the OBS gpg signing key in such a way in the first place, that OBS is able to generate SSL certificates directly from it? Thanks, Pete -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org