Add a section on code signing.
git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc8.0.x/trunk@1747539 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/BUILDING.txt b/BUILDING.txt
index eec2f52..dfda8ff 100644
--- a/BUILDING.txt
+++ b/BUILDING.txt
@@ -269,7 +269,30 @@
open the command prompt used for the build with the "Run as administrator"
option.
- 3. Build the release:
+ 3. Configure the code signing service
+
+ ASF committers performing official releases will need to configure the code
+ signing service so that the Windows installer is signed during the build
+ process. The following properties need to be added to the build.properties
+ file:
+
+ # Location of GPG executable (used only for releases)
+ # Code signing of Windows installer
+ do.codesigning=true
+ codesigning.user=request-via-pmc
+ codesigning.pwd=request-via-pmc
+ codesigning.partnercode=request-via-pmc
+ codesigning.service=Microsoft Signing
+
+ Release managers will be provided with the necessary credentials by the PMC.
+ It will also be necessary to enable TLS 1.1 and TLS 1.2 by default (they are
+ disabled by default on Java 7) for the build process to communicate with the
+ code signing service. The simplest way is by setting the ANT_OPTS
+ environment variable. E.g. (for Windows):
+
+ set ANT_OPTS=-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
+
+ 4. Build the release:
cd ${tomcat.source}
ant release
