Problem in codeSigning VelocityReport Plugin

Questions and answers on developing, deploying and using plugins and JavaBeans

Problem in codeSigning VelocityReport Plugin

Postby Bernd.N » Thu Feb 22, 2018 6:17 pm

Did someone else have problems in codeSigning VelocityReport?

I have installed the latest VelocityReport Plugin and tried to codesign it.
For velocityreport.jar, I get the messages listed below.
(I did not try to sign the velocityreport folder therefore)

We use Java 8u144 and codeSigner8

I have to admit I am not a real expert in codeSigning.
When I start codeSigner8, there are two messages that bother me too in the Certificate information window:
1) Chain verification: Error
2) Error building certification path: CN=...

Maybe that could be the root cause?

D:\\servoy_testversion\\application_server\\plugins\\velocityreport.jar start processing
D:\\servoy_testversion\\application_server\\plugins\\velocityreport.jar unsigned
D:\\servoy_testversion\\application_server\\plugins\\velocityreport.jar repacked
null
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
...
Bernd Korthaus
LinkedIn
Servoy 7.4.9 SC postgreSQL 9.4.11 Windows 10 Pro
User avatar
Bernd.N
 
Posts: 544
Joined: Mon Oct 21, 2013 5:57 pm
Location: Langenhorn, North Friesland, Germany

Re: Problem in codeSigning VelocityReport Plugin

Postby ROCLASI » Thu Feb 22, 2018 10:06 pm

Hi Bernd,

1) Chain verification: Error

Sounds like your keystore doesn't have a valid chain of trust. Perhaps missing an intermediate certificate? Better check with your certificate provider.

Hope this helps.
Robert Ivens
SAN Developer / Servoy Valued Professional / Servoy Certified Developer

ROCLASI Software Solutions / JBS Group, Partner
Mastodon: @roclasi
--
ServoyForge - Building Open Source Software.
PostgreSQL - The world's most advanced open source database.
User avatar
ROCLASI
Servoy Expert
 
Posts: 5438
Joined: Thu Oct 02, 2003 9:49 am
Location: Netherlands/Belgium

Re: Problem in codeSigning VelocityReport Plugin

Postby Bernd.N » Tue Feb 27, 2018 11:59 am

Yes that seems to be the case.
But in software business, things do not get rusty and break suddenly.
So some of the involved components must have been changed in the meantime.
Is the intermediate certificate something that can be found in the internet and not on my side? Then it is likely that it does not exist anymore.

Also it could be that the intermediate certificate was invalid all the time, while a previous java version did not care and signed everything anyway.
And now I have a more recent java version which rejects the invalid stuff.

Can you recommend a certificate provider that has most reliable certificats?
Bernd Korthaus
LinkedIn
Servoy 7.4.9 SC postgreSQL 9.4.11 Windows 10 Pro
User avatar
Bernd.N
 
Posts: 544
Joined: Mon Oct 21, 2013 5:57 pm
Location: Langenhorn, North Friesland, Germany

Re: Problem in codeSigning VelocityReport Plugin

Postby ROCLASI » Tue Feb 27, 2018 12:05 pm

CA's can fall out of grace (like Symantec, WoSign and StartCom have in the last couple of months) and therefor their signed certificates as well. What CA do you use?

I use GlobalSign myself.
Robert Ivens
SAN Developer / Servoy Valued Professional / Servoy Certified Developer

ROCLASI Software Solutions / JBS Group, Partner
Mastodon: @roclasi
--
ServoyForge - Building Open Source Software.
PostgreSQL - The world's most advanced open source database.
User avatar
ROCLASI
Servoy Expert
 
Posts: 5438
Joined: Thu Oct 02, 2003 9:49 am
Location: Netherlands/Belgium

Re: Problem in codeSigning VelocityReport Plugin

Postby Bernd.N » Tue Feb 27, 2018 12:59 pm

I bought a Comodo certificate from leaderssl.
Bernd Korthaus
LinkedIn
Servoy 7.4.9 SC postgreSQL 9.4.11 Windows 10 Pro
User avatar
Bernd.N
 
Posts: 544
Joined: Mon Oct 21, 2013 5:57 pm
Location: Langenhorn, North Friesland, Germany

Re: Problem in codeSigning VelocityReport Plugin

Postby Bernd.N » Tue Feb 27, 2018 5:08 pm

An expert from leaderssl guessed that it is a sha1/sha2 problem.

I am wondering about that, because I got my certificate in August 2015, and that should have been already sha2.
Bernd Korthaus
LinkedIn
Servoy 7.4.9 SC postgreSQL 9.4.11 Windows 10 Pro
User avatar
Bernd.N
 
Posts: 544
Joined: Mon Oct 21, 2013 5:57 pm
Location: Langenhorn, North Friesland, Germany

New Certificate from SSLpoint - experience

Postby Bernd.N » Wed Mar 14, 2018 12:56 am

I ordered my new certificate now at sslpoint, who sell Comodo certificates.
They have a nice online support center and even offer support in German if requested.

Support worked well when Comodo needed a bit too long to send me the certificate, because Dun&Bradstreet needed time for checking our phone number.
So I can recommend sslpoint.

And as creating a keystore from the certificate is still a sealed book for me, I asked Harjo to help me. :)

support_center.jpg
support_center.jpg (106.8 KiB) Viewed 4463 times
Bernd Korthaus
LinkedIn
Servoy 7.4.9 SC postgreSQL 9.4.11 Windows 10 Pro
User avatar
Bernd.N
 
Posts: 544
Joined: Mon Oct 21, 2013 5:57 pm
Location: Langenhorn, North Friesland, Germany


Return to Plugins and Beans

Who is online

Users browsing this forum: No registered users and 9 guests