Results 1 to 2 of 2
  1. #1
    Pryach is offline Member
    Join Date
    Mar 2010
    Posts
    1
    Rep Power
    0

    Default Digital Signature Expired

    I apologize if I am posting in the wrong forum, I am not a Java developer and wasn't sure where to post.

    We use an application that is a java applet that we bought from another company. Starting yesterday, we began getting a popup when we went to log in stating that the application's digital signature has an error. Apparently there is some kind of certificate on there that is expired.

    I opened a ticket with their support, but they said it's actually Microsoft's fault, and that I should just click "Always trust content from this publisher" and run the application.

    This seems wrong to me. First, I really doubt Microsoft is causing these problems, but as I delve deeper I see an expiration date that was Sunday evening. So it seems like there is some kind of certificate that is expired, but when I spoke to support about it they don't seem to have any idea.

    Here is a screenshot of the errors, I blanked out the company information. The redaction in the name is the name of the software and the Publisher and "CN" in the certificate is the company we bought the software from.

    So what can I tell them that will make them understand that this is their problem? If I click "Always trust" is there any way to bring this error back up?

  2. #2
    Steve11235's Avatar
    Steve11235 is offline Senior Member
    Join Date
    Dec 2008
    Posts
    1,046
    Rep Power
    7

    Default

    I understand your concerns, and I also understand the company's response. Digital certificates are a pain to keep updated, and many companies simply don't go to the effort. It does not mean that the software suddenly went bad, it just means that certificate was issued with an expiration date of last Sunday. Since you know the company, you can safely click "Always trust" in your browser. If you want to "untrust" it later for some reason, your browser provides a manage certificates panel that allows you to change the setting.

    The only point of certificates is so that you don't get software from a bad guy claiming to be someone else. The expiration date is the least important part of the certificate; you know where it came from. Expiring a certificate is like changing your password; it's only important if someone cracks it and then misuses it. In your case, you were already using the software, so you know it is good.

Similar Threads

  1. Increase signature length?
    By xcallmejudasx in forum Suggestions & Feedback
    Replies: 3
    Last Post: 12-18-2008, 07:04 PM
  2. Warning: Page has Expired on click of back button
    By bhupendra in forum JavaServer Pages (JSP) and JSTL
    Replies: 1
    Last Post: 08-27-2008, 08:42 PM
  3. Signature
    By Zosden in forum Suggestions & Feedback
    Replies: 13
    Last Post: 06-29-2008, 06:18 AM
  4. Help with signature matching
    By cachi in forum New To Java
    Replies: 1
    Last Post: 07-31-2007, 09:21 PM
  5. warning: page has expired
    By Peter in forum Web Frameworks
    Replies: 2
    Last Post: 07-04-2007, 08:45 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •