Q: When I try running a Java webstart application or applet using one of Qoppa’s library jars, the application is blocked by Java Security due to an expired certificate. Can you help?
A: Qoppa’s code signing certificate that was used to sign our jars expired on August 04 2016. However what matters is that the certificate was valid at the time that jars were created. Java Security does check the expiration date against the jar creation date, rather than today’s date. However, there are 2 issues that could explain why you are seeing the error above:
Problem 1: Jars Signed with Time-Stamps Not From a Time-Stamp Authority
Solution: Use the latest version of Qoppa’s Jars (which are time-stamped)
Starting in v2015R1, Qoppa started signing jars using time-stamps from a time-stamp server authority. Previous versions of the jars that were not time-stamped from a server authority will show an expired certificate warning after the certificate expires. If you wish to continue running an older versions of Qoppa’s jars, you should remove the signature on the jar and then sign the jars again using your own code signing certificate. All jars in the classpath should be signed with the same certificate. If you need help, contact us.
Problem 2: Running an old Version of Java 1.8
Solution: Run with the latest version of Java 1.8
The error above may show when running a web-start application with an older version of Java 1.8, for instance Java 1.8 update 73. After upgrading to the latest version of Java 1.8 Update 101, the warning should stop showing and the web-start application should no longer be blocked.