Receive pop-up Security Warnings indicating that the JNLP files are not signed
Document ID :
Last Modified Date :
Show Technical Document Details
CA Automic Applications Manager
CA Automic Applications Manager:Release:8.0
Error Message Details:
Java 1.7 Build 45 and above:
Java 1.6 Build 45 and above:
After upgrading to Applications Manager (AM) v8.0 SP12 HF1 or above and while using Java versions 1.6 or 1.6 Builds 45 and above you may receive a pop up Security Warning message that indicated that the AM JNLP files do not have a digital signature.
The JNLP files have not been signed before with the AM product and this does not present a security risk. All of our main application code (jar files) are signed by a certificate provided by Thawte. If we were to sign the JNLP files, this would be a change in behavior or a redesign of the way that the AM client is launched. The JNLP files contain custom variables (client URL, IP address, Master Name, Port). If we were to sign the JNLP files with our Automic certificate, the variables would then be hard coded and therefore the IP/port/Name would not be able to change without a full re-install. Also, our certificate from Thawte expires every two years, so signing the JNLP files may impact those users who do not upgrade as often.
As stated above the JNLP files have never been signed with the Applications Manager product and it does not present a security risk as our main application code (jar files) are signed by a certificate provided by Thawte.
Was this information helpful?