Discussions
Categories
- 197.1K All Categories
- 2.5K Data
- 546 Big Data Appliance
- 1.9K Data Science
- 450.7K Databases
- 221.9K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 31 Multilingual Engine
- 552 MySQL Community Space
- 479 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3.1K ORDS, SODA & JSON in the Database
- 555 SQLcl
- 4K SQL Developer Data Modeler
- 187.2K SQL & PL/SQL
- 21.4K SQL Developer
- 296.3K Development
- 17 Developer Projects
- 139 Programming Languages
- 293K Development Tools
- 110 DevOps
- 3.1K QA/Testing
- 646.1K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 158 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.2K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 19 Java Essentials
- 162 Java 8 Questions
- 86K Java Programming
- 81 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 205 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 468 LiveLabs
- 39 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.7K Other Languages
- 2.3K Chinese
- 175 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 233 Portuguese
Dubts about Oracle Forms jars with caducated certificates
Hi,
I have some jars of oracle forms in a server with the certificates caducated. When I start the application throught URL on browser or using frmsal, no warnings and no errors appear and all work fine. The certificate is expired but the timestamp not. I've read a lot about signning the jars but I don't undertand why seem tha they can work fine with expired certificated. Could you please show me the truth about it
Thank's a lot!
Answers
-
If you have signed the JAR with a valid certificate (write process),
this JAR remains validly signed within the valid timestamp interval (read process).
-
Ok, but I don't understand why the browser admit a file with certificate expired. Is thi normal?
-
To expand on this. Assuming the use of "timestamp", the certificate used to insert a digital signature into a JAR has an expiration. The digital signature created by that certificate does not expire once it has been created (generally speaking). There is an expiration for "timestamped" signatures, but that time is usually very far into the future and not of concern.
Think of it as a pen and paper. When you sign your name on paper, your signature is valid through the life of that paper. However, the pen you used to create that signature has an expiration (ink dries up). Just because the ink is no longer good in the pen does not change the fact that the paper already has your signature on it.
This is a gross oversimplification of how it works, but should help make the process more clear.
