Jump to content

Certificate Generation

From The OpenXP Wiki

This article will help you to generate valid certificates for OpenXP compilation via CertUtil CLI tool. It is very crucial to proceed compiled builds setup and bypass uncertified checks.

Prerequisites

For this guide you should have Linux machine (it may be virtual and local), or either an MSYS2 or Cygwin installed to your Windows machine. You can also use Git Bash, as it is practically the same MSYS2 shell, only modified to work better with Linux version of Git. This utility will be upgraded to work on Windows machines natively too, in near future.

Generation

  • For first, clone the tool from our Codeberg repository via this command: git clone https://codeberg.org/openxp/certutil
  • Then after, make your binaries executable recursively: chmod 777 * -R
  • Then convert .sh files from DOS to Unix with dos2unix utility. It usually appears with MSYS2 by default, but if it's not, install it on your environment: dos2unix generate.sh
  • And finally, execute generation script: ./generate.sh

Resulted certificates will be placed on srv03rtm.certs, which you simply need to copy to root of source code and replace all items there. Script also creates modified versions of certain checker files, which have hardcoded certificate bytes relying on current certificates, so it's vital to have them matched with newly generated certificates, otherwise builds will be screwed.

Retrieved from "https://theopenxp.org/wiki/index.php?title=Certificate_Generation&oldid=19"