Results 1 to 2 of 2
Thread: Digital Signature Expired
- 03-09-2010, 05:50 PM #1Member
- Join Date
- Mar 2010
- Rep Power
Digital Signature Expired
I apologize if I am posting in the wrong forum, I am not a Java developer and wasn't sure where to post.
We use an application that is a java applet that we bought from another company. Starting yesterday, we began getting a popup when we went to log in stating that the application's digital signature has an error. Apparently there is some kind of certificate on there that is expired.
I opened a ticket with their support, but they said it's actually Microsoft's fault, and that I should just click "Always trust content from this publisher" and run the application.
This seems wrong to me. First, I really doubt Microsoft is causing these problems, but as I delve deeper I see an expiration date that was Sunday evening. So it seems like there is some kind of certificate that is expired, but when I spoke to support about it they don't seem to have any idea.
Here is a screenshot of the errors, I blanked out the company information. The redaction in the name is the name of the software and the Publisher and "CN" in the certificate is the company we bought the software from.
So what can I tell them that will make them understand that this is their problem? If I click "Always trust" is there any way to bring this error back up?
- 03-09-2010, 07:15 PM #2
I understand your concerns, and I also understand the company's response. Digital certificates are a pain to keep updated, and many companies simply don't go to the effort. It does not mean that the software suddenly went bad, it just means that certificate was issued with an expiration date of last Sunday. Since you know the company, you can safely click "Always trust" in your browser. If you want to "untrust" it later for some reason, your browser provides a manage certificates panel that allows you to change the setting.
The only point of certificates is so that you don't get software from a bad guy claiming to be someone else. The expiration date is the least important part of the certificate; you know where it came from. Expiring a certificate is like changing your password; it's only important if someone cracks it and then misuses it. In your case, you were already using the software, so you know it is good.
- By xcallmejudasx in forum Suggestions & FeedbackReplies: 3Last Post: 12-18-2008, 07:04 PM
- By bhupendra in forum JavaServer Pages (JSP) and JSTLReplies: 1Last Post: 08-27-2008, 07:42 PM
- By Zosden in forum Suggestions & FeedbackReplies: 13Last Post: 06-29-2008, 05:18 AM
- By cachi in forum New To JavaReplies: 1Last Post: 07-31-2007, 08:21 PM
- By Peter in forum Web FrameworksReplies: 2Last Post: 07-04-2007, 07:45 AM