Discussions
Categories
- 196.8K All Categories
- 2.2K Data
- 238 Big Data Appliance
- 1.9K Data Science
- 450.2K Databases
- 221.7K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 31 Multilingual Engine
- 550 MySQL Community Space
- 478 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3K ORDS, SODA & JSON in the Database
- 544 SQLcl
- 4K SQL Developer Data Modeler
- 187K SQL & PL/SQL
- 21.3K SQL Developer
- 295.8K Development
- 17 Developer Projects
- 138 Programming Languages
- 292.5K Development Tools
- 107 DevOps
- 3.1K QA/Testing
- 646K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 154 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.1K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 17 Java Essentials
- 160 Java 8 Questions
- 86K Java Programming
- 80 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 204 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 436 LiveLabs
- 38 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.7K Other Languages
- 2.3K Chinese
- 171 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 232 Portuguese
Java 8 - Expired Code signing certificate with timestamp
We have a code signing certificate that is set to expire on Feb. 19th. In an effort to be proactive, we started testing by setting the date ahead. We determined that with Java 8, setting the date ahead more than 2 weeks (even when it was before our expiration date), caused it to fail. It appears this is a 'limitation' with the OCSP server, as skipping that check made it work. We are now within 2 weeks of our expiration date, and the OCSP call is still failing if we set the date past our expiration date. I have found threads that discuss this issue (https://bugs.openjdk.java.net/browse/JDK-8047702) which report this started happening in Java 8 Update 5. I ran our test against the first version of Java 8, and sure enough it worked. As soon as I put Update 5 or any newer release on, it started to fail again.
As I was performing all my testing, i did notice that the 'Update' button in Java Control Panel fails if the date is set ahead over a week. This has me thinking that there is a chance that once we get within a week of our certificate expiration date, there is still a chance Java 8 will work, but I'm afraid that is just wishful thinking.
Does anyone know if this will ever work? Is anyone successfully using Java 8 with a timestamped jar file signed with an expired certificate? It works fine in Java 7.