For those of you using plugins from us (servoy-plugins.de), we have now signed all of our components with a self-signed certificate. You can download an updated installer from our website.
We have bought a real certificate, but that has not yet been issued. In a few days we hope to provide another update with the real certificate that will not present a dialog to the user (for our components at least).
See http://wiki.servoy.com/x/SpV7 for a comprehensive overview of Servoy i.c.w. Java 6 update 19
Paul
Great job Paul, thanks!
Since servoy update from 4.1.5 to 4.1.6 I get similar messages:
JAR resources in JNLP file are not signed by same certificate
But JAVA is still on a old version (very old even 1.5.04).
Server running with JAVA 1.6 update 17
Is it possible that this update to 4.1.6 could have impact on running Servoy with older versions of Java?
The message seems to occur on an IT2BE-bean/plugins, but didn’t occur with Servoy 4.1.5
There were no updates of the I2TBE beans/plugins.
Is it logic that since 4.1.6 such errormessages can occur?
There is no JAVA update 19/20 involved here
Paul,
There is no JAVA update 19 involved here.
So I thought this was a non issue for me, but since you replied on this I’ll check it out.
So the subject of this topic is not only related to Java 6 update 19.
But what strange is, is that using 1 webserver, most customers have no problems , but some of them do have problems since Servoy 4.1.6.
I should expect that all customers would have problems and not just some of them if it is a problem of signing.
May there is some other issue, because one of the customers also has problem with webclient, and webclient runs without java.
Martin
Hi all,
In java Update 20, the previous issue with Update 19, Using the self-signed certificate the warning dialog might reappear on each consecutive start, regardless if the “Always trust” checkbox gets checked or not, has resolved?
Thanks,
i haven’t heard of this bug and i haven’t encountered it yet.
Hi all,
I am just testing with my servoy apps in servoy 4.1.6 with self signing all my third party jars in Java update 20. It is working fine. But, sometimes, while launching client, I am getting the below error and client stop launching.
Java Web Start 1.6.0_20
Using JRE version 1.6.0_20-b02 Java HotSpot™ Client VMJava Web Start Error:
JAR resources in JNLP file are not signed by same certificate
This is not reproducible always. Is there any issue, that all the jars should be signed with same certificate??
Thanks,
Sasmit
You get this on the same machine just between starts when there are no changes what so ever on the server?
Thanks for your response.
No,yet, I have not reported any issues on the Server. Everything is working fine. Sometimes, I am getting the error, when starting the client at the same machine.
Thanks,
Sasmit
thats very weird, because that means that when there is no state change webstart sees different things between starts. Never seen this.
So if you get that dialog, you close it and press the same (shorcut)link again it works?
I got the same error when I updated Servoy to 4.1.6, but third party plugins were not updated.
If you have servoy-plugins.de plugins, do the update again, because there was an error in those plugins. They made a new update installer that fixes that problem.
Note that when having jars set in the jnlp, to be downloaded as “lazy” they will not be checked at the start of the solution (as you have not yet downloaded them). Then, if you have downloaded them during your session, when you restart you get the signed errors.
It might be a reason
Yes, closing the dialog and again starting the client, fixes the issue. But, it the dialog is haphazardly coming. Not always I can say. I am worried about why it is coming.
I have used some of the free plugins such as busy plugin available in this forum and some of my written. Is there anything, that I need to added the JNLP file to those plugins. I have used the version=“%%version%%”, so that it will always check for the recent resource version. But, still getting the dialog sometimes in the same machine.
Thanks,
Sasmit
Yes, closing the dialog and again starting the client, fixes the issue. But, it the dialog is haphazardly coming. Not always I can say. I am worried about why it is coming.
Our experience is similar to Sasmit above. We’re getting the “#### JAR resources in JNLP file are not signed by same certificate” error often. One user is reporting this happens with every other start up of Servoy. Others it is quite random, but happening frequently.
Mac users on older versions of MacOS X and older Java versions are having to clear their cache before every launch of Servoy.
Nothing is changing on the server throughout the day and we’re on Servoy 4.1.7.
Any update or resolution on these particular problems?
I had postponed updating to Java 6 u20 in order to wait for the issues to be resolved.
So I went ahead and updated to Servoy 3.12 and Java 1.6_u20 and got all the signed plugins.
I run the server startup batch file. then I load the smart client but it fails indicating unsigned jars found.
I had run the signtester so I assumed this “fixes” all.
I have gone through all the forum and the wiki.
I even removed the swingbeans.jar from the beans folder.
Still getting the unsigned jars.
Should I just go to the java console control panel and disable all validation!
Hi Tom,
What is the exact error you are getting ?
Hi Robert,
I use several plugins: IT2BE Tools and ServoyGuy Spell check Pro, and servoy-jasper reports and some others.
I installed the latest signed versions of these before starting the server.
Launching the smart client I get this exception:
com.sun.deploy.net.JARSigningException: Found unsigned entry in resource: (http://prospect:8080/plugins/it2be-lib/it2be-helper.jar, 1275485552796)
at com.sun.javaws.security.SigningInfo.getCommonCodeSignersForJar(Unknown Source)
at com.sun.javaws.security.SigningInfo.check(Unknown Source)
at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(Unknown Source)
I also had same message for the Spellcheck pro plugin. Then I went into the jnlp file for it and noticed that the version= part was not the recommended version=“%%version%%” so I manually changed them and then that exception seemed to go away. I checked the jnlp for the it2be-tools and it is fine. So it is one or more jar files in the plugin sub-folder that it does not like.
Running the signtester (latest from Patrick Talbot crashes on my 3.5.12 install) I see that there are many unverified jar files.
I am not sure how to fix that part.
Thomas Parry:
Running the signtester (latest from Patrick Talbot crashes on my 3.5.12 install) I see that there are many unverified jar files.
I have fixed this, please download and try running it again.