After upgrading to Applications Manager v8.0 SP12 HF1 and above, client receives Security Warning's

Document ID : KB000088471
Last Modified Date : 14/04/2018
Show Technical Document Details
Issue:
Error Message Details:
In Java 1.7 Build 45 and above you will see:
.png
In Java 1.6 Build 45 and above you will see:

.png
 
Symptoms

After upgrading to Applications Manager (AM) v8.0 SP12 HF1 and above, when you access the AM Client you receive Security Warning pop-up messages if you are using Java version 1.6 or 1.7 Builds 45 and higher.
 
Cause
With the addition of Oracle's higher security settings in Java v1.6 and 1.7 Build 45 and greater, you may receive Security Warning pop-up messages even though AM has a signed certificate. The pop-up indicates that you have chosen to launch an application with a valid certificate from a trusted authority but that there are warnings.  These are not security errors.

 

 
Resolution:
If you trust the application and certificate issuer (Automic), then click Run to proceed. 

Automic's digital signature for Applications manager is available for review by clicking on 'More Information' from the Security Warning window and looking at the Certificate Details. The 2 basic warning messages are also available by clicking on 'More Information' and are a result of the following:
1) That the application is requesting unrestricted access to your computer.
2) That the application's associated JNLP files are not digitally signed. 
Keep in mind that these are warnings only and are not security errors. The first warning indicates that you have chosen to launch an application with a valid certificate from a trusted authority and that the application is requesting access to your computer. If you trust that application and certificate issuer (Automic), then click Run to proceed. We do require access to the user's PC in order to be able to write to client debug files, save output files (if you choose), etc. Here is a webpage from Oracle which explains this pop-up message. For Java 7, please refer to the section titled "Java application with a certificate from a trusted authority"
 
For Java 6, the "application's digital signature cannot be verified" message is a bit misleading, since when you click on 'More Information' it will actually show you the certificate is valid and that you are accepting this certificate to run with permissions.
 
For the second warning "Although the application has a digital signature, the application's associated file (JNLP) does not have one. A digital signature ensures that a file is from the vendor and that it has not been altered", please refer to 000008508 for more information.