Dynamic cert support, rewrite installers

[tresf]

Moves all installation tasks to Java, allows certs to renew automatically. There's a bunch of enhancements in this PR, but I'll try to high-level them...

Download: https://github.com/tresf/tray/releases/tag/v2.10-RC8

features

• 825-day SSL certs, fixing Catalina support (comply with Ballot 193, closes No HTTPS support macOS Catalina #491)
• Support soft-reload of properties and keystore (closes Make reload more friendly: reload properties and keystore #275 (supercede), related qz-tray.properties only works if i reload! #447)
• Multiple Firefox version support (closes Support for Developer and "Nightly" editions of Firefox #217)
• Experimental support for LetsEncrypt cert renewals (untested, related Easier Let's Encrypt Support #73)
• Consistent Java search behavior (related Bundled Java Runtime #468)
• Prefer AdoptOpenJDK to Oracle
• Also closes Mask tray icons wrong color Windows 10 #494 (needs backport), closes Fix autostart logic #496

certgen

Out with the old widows-keygen.js, linux-keygen.sh and apple-keygen.sh, in with the new, standardized scripts.

java -jar qz-tray.jar certgen --key "privkey.pem" --cert "fullchain.pem"
java -jar qz-tray.jar certgen --pfx "mycert.pfx" --pass "12345"
java -jar qz-tray.jar certgen --host "192.168.1.5"
java -jar qz-tray.jar certgen --hosts "domain1;domain2;..."

... called as sudo or as a regular user. It'll install the cert in the user's certstore now, meaning ssl from IntelliJ is now possible.

---

uninstall

java -jar qz-tray.jar uninstall

... called as sudo/admin of course

---

advanced

Internally we now use java for all install tasks...

java -jar qz-tray.jar preinstall # kills all instances of qz
java -jar qz-tray.jar install    # deploys qz to a sane location

... called as sudo/admin of course

---

launchers

Platform launchers have been improved to pass parameters directly to qz-tray.jar...

C:\Program Files\qz-tray.exe "certgen"
/opt/qz-tray/qz-tray "certgen"
/Applications/QZ\ Tray.app/QZ\ Tray "certgen"

[akberenz]

Still have about 10 more files to review (namely the cert installer classes and props loader), but most of what I've seen so far looks good. I'm going to just post what I have for now, until I can finish up the review later this week.

[tresf]

All comments addressed. @bberenz three comments still remain unresolved.

[tresf]

All conversations have been resolved. This is ready for merge.

[lite1979]

Raw>Raster Print> HTML printing fails with AdoptOpenJDK 11 on Windows 10

First attempt resulted in an error complaining Java FX did not start, but I did not get the error after that.Error message coincided with logs finally giving up, but they logged "Waiting for JavaFX to start" for almost 90 seconds before letting the processor go; might be a problem if it happened on a machine with less RAM, but I was able to send other print jobs while it was waiting.

Regular HTML prints are working fine, though. Do we check elsewhere for JavaFX when doing Raster Print on the Raw tab?

[tresf]

@lite1979 thanks. Patched via #520 directly on the 2.1 branch. This seems to be a long-standing 2.1 bug since we've added Java 11 support.

[tresf]

Testing this branch with a LetsEncrypt certificate and it works, but the following error occurs:

[ERROR] 2019-11-20 12:55:35,084 @ qz.installer.Installer:?
	Something went wrong obtaining the certificate.  HTTPS will fail.
org.bouncycastle.util.io.pem.PemGenerationException: encoding exception: unknown object passed - can't encode.
	at org.bouncycastle.openssl.MiscPEMGenerator.generate(Unknown Source)
	at qz.installer.certificate.CertificateManager.writeCert(Unknown Source)
	at qz.installer.Installer.certGen(Unknown Source)
	at qz.ws.PrintSocketServer.main(Unknown Source)
Caused by: org.bouncycastle.util.io.pem.PemGenerationException: unknown object passed - can't encode.
	at org.bouncycastle.openssl.MiscPEMGenerator.createPemObject(Unknown Source)
	... 4 more

[tresf]

Print-Server steps updated with 2.1.0-RC9+ commands. https://github.com/qzind/tray/wiki/Print-Server

[tresf]

There seems to be an edge-case issue where Firefox may not be detected on MacOS during the installation process.

The problem seems to stem from the Spotlight service not listing Firefox as installed. You can test this by calling the following command:

system_profiler SPApplicationsDataType -xml |grep "Firefox"

The fix is to stop and start the Spotlight service using the following command:

sudo mdutil -a -i off
sudo mdutil -a -i on

Then test for Firefox again:

system_profiler SPApplicationsDataType -xml |grep "Firefox"

Should output:

        			<string>Firefox</string>
				<string>Firefox 72.0.2</string>
				<string>/Applications/Firefox.app</string>