Page 1 of 1
re-sign all packages with the new key
Published: January 29, 2020 - 11:03 AM
by mouka
Hello,
I'm currently using the free version 1.8.
As stated in the documentation:
"Since the packages in the local repository are signed with the old key, all packages must be re-signed with the new key.
To re-sign all WAPT packages with the new key (software and machine packages), use the command:
wapt-get sign-packages C:\\waptdev\\*
"
I ran this command:
C:\WINDOWS\system32>wapt-get sign-packages C:\\waptdev\\*
Using config file: C:\Program Files (x86)\wapt\wapt-get.ini
Unknown action sign-packages
But it didn't solve my problem.
I'm actually testing WAPT; my server is running CentOS 7.5, and the console is on Windows 10.
Perhaps the simplest solution is to start over. Is there a procedure to start from scratch, avoiding reinstalling the server and the console?
Thank you.
Re: Re-signing all packages with the new key
Published: January 29, 2020 - 11:39 AM
by htouvet
(Question: Why do you need to resign the packages?)
It is faster to resign the packages directly on the
server(Otherwise you will need to download all the packages to your computer, re-sign them and re-upload them)
To do this, you must temporarily copy your private key (.pem) and your certificate to the server (using winscp3 for example) and then launch the wapt-signpackages command in an ssh session on the server.
For example...
Code: Select all
wapt-signpackages -i -s -c /root/moi.crt -k /root/moi.pem /var/www/wapt/*.wapt
Do not leave your key (.pem) on the server.
Help :
Code: Select all
]# wapt-signpackages --help
Usage: wapt-signpackages -c crtfile package1 package2
Resign a list of packages
Options:
-h, --help show this help message and exit
-c PUBLIC_KEY, --certificate=PUBLIC_KEY
Path to the PEM RSA certificate to embed identitiy in
control. (default: )
-k PRIVATE_KEY, --private-key=PRIVATE_KEY
Path to the PEM RSA private key to sign packages.
(default: )
-l LOGLEVEL, --loglevel=LOGLEVEL
Loglevel (default: warning)
-m MD, --message-digest=MD
Message digest type for signatures. (default: sha256)
-s, --scan-packages Rescan packages and update local Packages index after
signing. (default: False)
-r, --remove-setup Remove setup.py. (default: False)
-i, --inc-release Increase release number when building package
(default: False)
--maturity=SET_MATURITY
Set/change package maturity when signing package.
(default: None)
--keep-signature-date
Keep the current package signature date, and file
changetime (default: False)
--if-needed Re-sign package only if needed
Re: Re-signing all packages with the new key
Published: January 29, 2020 - 1:51 PM
by mouka
I wasn't aware of that possibility.
I'll try it.
Thank you
Re: Re-signing all packages with the new key
Published: January 29, 2020 - 2:10 PM
by mouka
(Question: Why do you need to resign the packages?)
Because I recreated a certificate. I'm running tests; I'm not yet in production.
Re: Re-signing all packages with the new key
Published: May 24, 2020 - 8:44 PM
by alfred47
mouka wrote: ↑Jan 29, 2020 - 11:03 AM
Hello,
I'm currently using version 1.8 free:
As stated in the documentation:
"Since the packages in the local repository are signed with the old key, all packages must be re-signed with the new key.
To re-sign all WAPT packages with the new key (software and machine packages), use the command:
wapt-get sign-packages C:\\waptdev\\*
"
I ran this:
C:\WINDOWS\system32>wapt-get sign-packages C:\\waptdev\\*
Using config file: C:\Program Files (x86)\wapt\wapt-get.ini
Unknown action sign-packages
But my problem is still not resolved.
I'm actually testing WAPT; my server is running CentOS 7.5 and the console is on Windows 10.
Perhaps the simplest solution is to start over. Is there a procedure to begin from scratch, avoiding reinstalling the server and console?
Thank you.
I think it's impossible without reinstalling the server and the console
If you find another solution, please write it here
THANKS
Re: Re-signing all packages with the new key
Published: May 25, 2020 - 1:29 PM
by sfonteneau
Code: Select all
wapt-signpackages -s --message-digest=sha256,sha1 -c C:\private\wapt-private-20180312-1522.crt C:\wapt\waptserver\repository\wapt\*.wapt