Warn if the signing certificates have a validity period > 10 years (#2174).

author: Carl Hetherington <cth@carlh.net> 2022-02-12 23:11:44 +0100
committer: Carl Hetherington <cth@carlh.net> 2022-02-12 23:15:31 +0100
commit: 3e6b2d886961177c8d89b3f9168393d33c13bff2 (patch)
tree: 34db251b8c936579d91a549a4a40928c413396a4 /src/tools
parent: 9bda3fda70912d73266a2dbac5470ca23d2ff6fd (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/src/tools/dcpomatic.cc b/src/tools/dcpomatic.cc
index a273d008b..9990f05ad 100644
--- a/src/tools/dcpomatic.cc
+++ b/src/tools/dcpomatic.cc
@@ -1822,6 +1822,23 @@ private:
 			d->Destroy ();
 			return r == wxID_OK;
 		}
+		case Config::BAD_SIGNER_VALIDITY_TOO_LONG:
+		{
+			if (config->nagged(Config::NAG_BAD_SIGNER_CHAIN_VALIDITY)) {
+				return false;
+			}
+			auto d = new RecreateChainDialog (
+				_frame, _("Recreate signing certificates"),
+				_("The certificate chain that DCP-o-matic uses for signing DCPs and KDMs has a validity period\n"
+				  "that is too long.  This will cause problems playing back DCPs on some systems.\n"
+				  "Do you want to re-create the certificate chain for signing DCPs and KDMs?"),
+				_("Do nothing"),
+				Config::NAG_BAD_SIGNER_CHAIN_VALIDITY
+				);
+			int const r = d->ShowModal ();
+			d->Destroy ();
+			return r == wxID_OK;
+		}
 		case Config::BAD_SIGNER_INCONSISTENT:
 		{
 			auto d = new RecreateChainDialog (
author	Carl Hetherington <cth@carlh.net>	2022-02-12 23:11:44 +0100
committer	Carl Hetherington <cth@carlh.net>	2022-02-12 23:15:31 +0100
commit	3e6b2d886961177c8d89b3f9168393d33c13bff2 (patch)
tree	34db251b8c936579d91a549a4a40928c413396a4 /src/tools
parent	9bda3fda70912d73266a2dbac5470ca23d2ff6fd (diff)