Skip to content

Instantly share code, notes, and snippets.

@g-k

g-k/notes.md

Created July 19, 2018 20:49
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save g-k/206efbc9c42bfbaff992813e4a5611a9 to your computer and use it in GitHub Desktop.
Save g-k/206efbc9c42bfbaff992813e4a5611a9 to your computer and use it in GitHub Desktop.
Download ZIP
notes on finding content signature hash for normandy dev for mythmon
Raw
notes.md

"This is controlled via the security.content.signature.root_hash preference, where the value is the hexadecimal of the sha2$ https://github.com/mozilla-services/autograph/blob/3dc9cfc9585bb8bc7b2b22f618ef8abadf18ddc9/signer/contentsignature/README.$

  1. get chain from x5u for normandy_key: in autograph dev config
  2. wget https://content-signature.stage.mozaws.net/chains/normandy.content-signature.mozilla.org-20180811.stage.chain
  3. split last pem cert in file from chain (should be root CN; check with openssl x509 -text)
  4. openssl x509 -outform der < normandy.content-signature.mozilla.org-20180811.stage.chain.2 | openssl dgst -sha256
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment