overview icon indicating copy to clipboard operation
overview copied to clipboard
verified publisher icon kiwix

Do we continue one more year with SSL.com for code signing

Open benoit74 opened this issue 9 months ago • 1 comments

In https://github.com/kiwix/overview/issues/88, we've decided to use SSL.com for code signin.

We've bought 1200 sign operations, and as of today 750 remains (but this year has been a bit special probably, since we've not much update WikiVoyage for instance).

Renewal will be on Jul 10, 2025 (but we need to get prepared).

Does someone has strong arguments / needs / desire to change or do we continue ?

benoit74 avatar Mar 03 '25 08:03 benoit74

It sure is not representative in that:

  • More than expected signatures to deploy the tools and workflows.
  • Less than expected given custom apps could not be released as usual due to missing ZIMs.

That said, we started in late August and are on a path to using 900 out of our 1,200 quota.

There is thus no forseeable risk in continuing. I'd advise we only renew for a year, hoping to have a better view next year. Given we monitor those weekly, we can still take actions should we start running low.

rgaudin avatar Mar 03 '25 09:03 rgaudin

I'm also in favor of renewing for one or two years. On the longer term, this will probably change and we have made a few steps in that direction already, but this is still too early.

kelson42 avatar Jun 11 '25 15:06 kelson42

Renewed for one more year.

Popolechien avatar Jun 11 '25 16:06 Popolechien

Their UI is terrible so I have no idea but:

  • Did you click a renew button or place a different order?
  • Did you submit the documents their apparently request? It says it's pending several validation.
  • It seems we've wasted a month-worth by renewing now. It would expire on ~2026-06-12

Please open a new ticket once the cert is available so we can track deployment.

rgaudin avatar Jun 11 '25 17:06 rgaudin

Not needed there's #313

rgaudin avatar Jun 11 '25 22:06 rgaudin