-
Bug
-
Resolution: Fixed
-
P3
-
7u40, 7u45
-
b04
-
x86
-
windows_7
-
Not verified
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8026743 | 8 | Andy Herrick | P3 | Closed | Fixed | b102 |
| JDK-8034433 | 7u65 | Andy Herrick | P3 | Resolved | Fixed | b01 |
| JDK-8026831 | 7u60 | Andy Herrick | P3 | Resolved | Fixed | b01 |
J2SE Version (please include all output from java -version flag):
7U45 and 7U40
java version "1.7.0_40"
Java(TM) SE Runtime Environment (build 1.7.0_40-b43)
HotSpot(TM) 64-Bit Server VM (build 24.0-b56, mixed mode)
Does this problem occur on J2SE 6ux or 7ux? Yes / No (pick one)
N/A
Operating System Configuration Information (be specific):
Window 7 x64
Hardware Configuration Information (be specific):
Various
Bug Description:
Not be able to get a certificate rule to work in a DeploymentRuleSet. Had tried many variations, and none have worked. Was emulating the example shown here:
https://blogs.oracle.com/java-platform-group/entry/introducing_deployment_rule_sets
The docs say that only SHA256 is supported now, and that the colons should be stripped. All the examples have the hash in all upper case.
Using a location rule works fine, but not the certificate ones. Originally tried to let the <action> be to run the application, but having it block made the testing a bit easier.
The Java security dialog only gives the hash with SHA1, needed to go to the actual jar file to get the SHA256. The keytool command provides:
Certificate fingerprints:
MD5: F1:6C:A8:50:8C:1D:FA:80:0D:56:F3:12:F7:FA:CA:B6
SHA1: D4:9D:87:31:A9:E8:5E:19:9E:B0:31:BF:A8:87:C2:9D:2E:C8:71:77
SHA256: 4E:81:86:EF:A9:01:D0:5F:8C:9B:B5:3A:70:C4:71:F6:58:E1:2A:D7:63:3C:86:4E:E3:77:A2:88:AA:23:AC:31
Signature algorithm name: SHA1withRSA
Version: 3
The SHA1 hash matches the one shown in the security dialog, so it should be using the correct value.
Steps to Reproduce (be specific):
Use the DeploymentRuleSet on https://www.ocie.net/OcieDemo/JViewer/webstart.html and watch it not block the application
7U45 and 7U40
java version "1.7.0_40"
Java(TM) SE Runtime Environment (build 1.7.0_40-b43)
HotSpot(TM) 64-Bit Server VM (build 24.0-b56, mixed mode)
Does this problem occur on J2SE 6ux or 7ux? Yes / No (pick one)
N/A
Operating System Configuration Information (be specific):
Window 7 x64
Hardware Configuration Information (be specific):
Various
Bug Description:
Not be able to get a certificate rule to work in a DeploymentRuleSet. Had tried many variations, and none have worked. Was emulating the example shown here:
https://blogs.oracle.com/java-platform-group/entry/introducing_deployment_rule_sets
The docs say that only SHA256 is supported now, and that the colons should be stripped. All the examples have the hash in all upper case.
Using a location rule works fine, but not the certificate ones. Originally tried to let the <action> be to run the application, but having it block made the testing a bit easier.
The Java security dialog only gives the hash with SHA1, needed to go to the actual jar file to get the SHA256. The keytool command provides:
Certificate fingerprints:
MD5: F1:6C:A8:50:8C:1D:FA:80:0D:56:F3:12:F7:FA:CA:B6
SHA1: D4:9D:87:31:A9:E8:5E:19:9E:B0:31:BF:A8:87:C2:9D:2E:C8:71:77
SHA256: 4E:81:86:EF:A9:01:D0:5F:8C:9B:B5:3A:70:C4:71:F6:58:E1:2A:D7:63:3C:86:4E:E3:77:A2:88:AA:23:AC:31
Signature algorithm name: SHA1withRSA
Version: 3
The SHA1 hash matches the one shown in the security dialog, so it should be using the correct value.
Steps to Reproduce (be specific):
Use the DeploymentRuleSet on https://www.ocie.net/OcieDemo/JViewer/webstart.html and watch it not block the application
- backported by
-
JDK-8026831 Certificate based DRS rule does not work when main jar is in nested resource block or extension
-
- Resolved
-
-
-
- Resolved
-
-
-
- Closed
-
- relates to
-
JDK-8026015 RFE: be able to set insecure properties in a jnlp file with a location based DRS run rule
-
- Closed
-
-
-
- Resolved
-