0 Replies Latest reply on Feb 3, 2014 7:39 PM by 00de624f-8298-4161-9503-cb3a5d79d05c

    Regardig JDK-8016771 : 7u25: warning dialogue still show up even all jar files are signed




      Firslty - I want to mention that I am brand new here. So, I am not sure if this is the right place to have this discussion - if it is not - kindly point me to the location where I should post it.


      My question is regrding the bug Regardig JDK-8016771 : 7u25: warning dialogue still show up even all jar files are signed.


      We had build a small java applet using jre 1.1.8. And it was very simple - we did not signed it and\or used any certificate. We were not concerend about it because that is a very small part in out software suit.


      Now - with the recent update (when customer updates to 1.7)  - the webpage can not be reached because the security feature.


      Now as suggested here




      We did do the following


         1) Create all index entries first; index.list

         2) Then try to sign all the jars


      So, this is waht we did -


      We only have one jar file  -> cyberchat.jar


      I downloaded the latest jdk 1.7 to use the jarsigner. After that inorder to index it I used the following command


      C:\jdk1.7.0_51\bin\jar -i C:\Working\CCS\Root\Source\Services\WebChat\CyberChat\Applet\CyberChat.jar


      That did not give me any error.


      Then in order to sign it with our certificate (cerificate used certify other exe and services) I used the following command


      C:\Program Files\Java\jdk1.7.0_51\bin>jarsigner -storetype pkcs12 -keystore "C:\Shared\SignTool\pfcert.pfx" "C:\Working\CCS\Root\Source\Services\WebChat\CyberCh

      at\Applet\cyberchat.src.jar" "le-973a7aac-c571-40e5-9d71-70e46b7277a0"

      Enter Passphrase for keystore:


      after enterting the keystore

      I get back the following message



      The signer's certificate chain is not validated.

      No -tsa or -tsacert is provided and this jar is not timestamped. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (201

      5-02-18) or after any future revocation date.


      Now, I am not worred about the timestamp warnig. But I think due to the cetificate chain warning - our users are still not able to access the web applet - because it is still being blocked.


      Now -  I was wondering if anyone could kindly tell me how could I get that warning go away.


      FYI - we do not want to compile our code against latest version of jre