Hello,
Firslty - I want to mention that I am brand new here. So, I am not sure if this is the right place to have this discussion - if it is not - kindly point me to the location where I should post it.
My question is regrding the bug Regardig JDK-8016771 : 7u25: warning dialogue still show up even all jar files are signed.
We had build a small java applet using jre 1.1.8. And it was very simple - we did not signed it and\or used any certificate. We were not concerend about it because that is a very small part in out software suit.
Now - with the recent update (when customer updates to 1.7) - the webpage can not be reached because the security feature.
Now as suggested here
http://bugs.sun.com/view_bug.do?bug_id=8016771
We did do the following
1) Create all index entries first; index.list
2) Then try to sign all the jars
So, this is waht we did -
We only have one jar file -> cyberchat.jar
I downloaded the latest jdk 1.7 to use the jarsigner. After that inorder to index it I used the following command
C:\jdk1.7.0_51\bin\jar -i C:\Working\CCS\Root\Source\Services\WebChat\CyberChat\Applet\CyberChat.jar
That did not give me any error.
Then in order to sign it with our certificate (cerificate used certify other exe and services) I used the following command
C:\Program Files\Java\jdk1.7.0_51\bin>jarsigner -storetype pkcs12 -keystore "C:\Shared\SignTool\pfcert.pfx" "C:\Working\CCS\Root\Source\Services\WebChat\CyberCh
at\Applet\cyberchat.src.jar" "le-973a7aac-c571-40e5-9d71-70e46b7277a0"
Enter Passphrase for keystore:
after enterting the keystore
I get back the following message
Warning:
The signer's certificate chain is not validated.
No -tsa or -tsacert is provided and this jar is not timestamped. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (201
5-02-18) or after any future revocation date.
Now, I am not worred about the timestamp warnig. But I think due to the cetificate chain warning - our users are still not able to access the web applet - because it is still being blocked.
Now - I was wondering if anyone could kindly tell me how could I get that warning go away.
FYI - we do not want to compile our code against latest version of jre