PM13425: JARSIGNER REPORTING JAR FILES AS UNSIGNED WHEN SIGNING WITH TIME STAMP AUTHORITY.
Closed as program error.
Error Message: While lauching the WebStart application, customer was observing the following error message :- An error occurred while launching/running the application. Title: Tivoli Provisioning Manager Express for Software Distribution Catalog Vendor: IBM Corp. Category: Security Error Unsigned application requesting unrestricted access to system Unsigned resource: http://vesuvius.greenock.uk.ibm.com:80/tpmx/apps/win32native.jar . Stack Trace: at com.sun.javaws.LaunchDownload.checkSignedResourcesHelper(LaunchD ownload.java:947) at com.sun.javaws.LaunchDownload.checkSignedResources(LaunchDownloa d.java:850) at com.sun.javaws.Launcher.continueLaunch(Launcher.java:603) at com.sun.javaws.Launcher.handleApplicationDesc(Launcher.java:431) at com.sun.javaws.Launcher.handleLaunchFile(Launcher.java:240) at com.sun.javaws.Launcher.run(Launcher.java:208) at java.lang.Thread.run(Thread.java:571) . Jarsigner reporting jar files as unsigned when signing with TimeStamp Authority. As per customer if the jar is not signed with timestamp authority it seems to be working fine.
The problem seems to be happening as while parsing a signerInfo attribute that PKCS9Attribute class doesn't recognize,it use to throw ParsingException.
This defect will be fixed in: 1.4.2 SR13 FP5 . Modified the code to ignore any SignerInfo unsigned attributes that are unsupported. . To obtain the fix: Install build 20100523 or later
Reported component name
Reported component ID
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fixed component name
Fixed component ID
Applicable component levels