[Announcement] New Code Signer tool

Home for older / inactive topics

Re: [Announcement] New Code Signer tool

Postby ptalbot » Mon Feb 17, 2014 3:02 pm

The tool is looking for jars on your entire hard disk. I suppose it's because it was launched from /
Try placing the jar in the /application_server/ folder, cd to that folder and launch the tool from there.
Patrick Talbot
Freelance - Open Source - Servoy Valued Professional
https://www.servoyforge.net
Velocity rules! If you don't use it, you don't know what you're missing!
User avatar
ptalbot
 
Posts: 1654
Joined: Wed Mar 11, 2009 5:13 am
Location: Montreal, QC

Re: [Announcement] New Code Signer tool

Postby rioba » Tue Feb 18, 2014 12:22 pm

Thanks, problem solved.
rioba
 
Posts: 242
Joined: Mon Aug 08, 2005 4:26 pm

Re: [Announcement] New Code Signer tool

Postby ptalbot » Tue Feb 18, 2014 8:31 pm

I've released a v1.0.1 of the tool, with a packaged CodeSigner7.jar to be used with Java 7.
Patrick Talbot
Freelance - Open Source - Servoy Valued Professional
https://www.servoyforge.net
Velocity rules! If you don't use it, you don't know what you're missing!
User avatar
ptalbot
 
Posts: 1654
Joined: Wed Mar 11, 2009 5:13 am
Location: Montreal, QC

Re: [Announcement] New Code Signer tool

Postby Hans Nieuwenhuis » Tue Feb 18, 2014 8:51 pm

Thanks again Patrick.

I tested it and I get some warnings in the cmd box where i started the tool :

Code: Select all
Warning:
No -tsa or -tsacert is provided and this jar is not timestamped. Without a times
tamp, users may not be able to validate this jar after the signer certificate's
expiration date (2015-01-24) or after any future revocation date.


These warnings wher not issued in the previous version.

Regards,
Hans Nieuwenhuis
Betagraphics
http://www.deltics.nl
http://www.betagraphics.nl

Servoy Version 7.3.1
Java version 1.7.0.x
Database Oracle 11g
User avatar
Hans Nieuwenhuis
 
Posts: 1026
Joined: Thu Apr 12, 2007 12:36 pm
Location: Hengelo, The Netherlands

Re: [Announcement] New Code Signer tool

Postby ptalbot » Tue Feb 18, 2014 9:10 pm

Yep, that's Java 7 being picky. I suppose they'll soon add some more security restriction and I'll see what I can do to workaround that, but for now, you can safely ignore the warnings.
Patrick Talbot
Freelance - Open Source - Servoy Valued Professional
https://www.servoyforge.net
Velocity rules! If you don't use it, you don't know what you're missing!
User avatar
ptalbot
 
Posts: 1654
Joined: Wed Mar 11, 2009 5:13 am
Location: Montreal, QC

Re: [Announcement] New Code Signer tool

Postby ptalbot » Wed Feb 19, 2014 12:02 am

I've released a v1.1 which adds Timestamping capabilities, using https://timestamp.geotrust.com/tsa Time Stamping Authority.

It is optional because this will add an extra call to the URL, and thus require internet access and adds a little bit of time to the signing process, so it is not activated by default, but you can check the 'Use TSA' in the preferences to activate it.
You can also provide another TSA URL in the preferences, just note that the Timestamp server must comply with the RFC 3161 protocol and that the TSA must be one of JRE's trusted roots CA (usually your certificate provider should be able to provide you with a TSA URL).
Patrick Talbot
Freelance - Open Source - Servoy Valued Professional
https://www.servoyforge.net
Velocity rules! If you don't use it, you don't know what you're missing!
User avatar
ptalbot
 
Posts: 1654
Joined: Wed Mar 11, 2009 5:13 am
Location: Montreal, QC

Re: [Announcement] New Code Signer tool

Postby Hans Nieuwenhuis » Wed Feb 19, 2014 12:12 am

Nice !!

The warnings are gone now.
Hans Nieuwenhuis
Betagraphics
http://www.deltics.nl
http://www.betagraphics.nl

Servoy Version 7.3.1
Java version 1.7.0.x
Database Oracle 11g
User avatar
Hans Nieuwenhuis
 
Posts: 1026
Joined: Thu Apr 12, 2007 12:36 pm
Location: Hengelo, The Netherlands

Previous

Return to Archive

Who is online

Users browsing this forum: No registered users and 0 guests