I asked this on StackOverflow as, if there’s an answer, I thought it’d be helpful to others too, but since it’s not attracting any answers I’ll ask here too (and feel free to collect the bounty on SO if you like, http://stackoverflow.com/q/34436231/335847).
I've been added as a contributor to an existing project which has a signing certificate attached to the gem. I'll be pushing the next release so I need to add my cert to the gem. When I follow the instructions at http://guides.rubygems.org/security/#building-gems everything is fine up till I reach point 4 and run gem build… the following error presents itself:
ERROR: While executing gem ... (Gem::Security::Exception) invalid signing chain: certificate (my details) was not issued by (existing cert owner's details)
I've never added a second cert to an existing gem, does anyone know what the next step is? Does the existing cert owner need to do something? Is a project supposed or able to have more than one cert?
I've not been able to find any info on this, so any insight or help would be very welcome and appreciated.