Konrad Garus
Reputation: 54055
Expired certificate for Java Web Start
How does JWS react to code signing certificate expiration?
From my observation it appears to ignore expiration date of CA-signed certificates, but I would like to find some hard proof (e.g. official documentation) that confirms this.
Upvotes: 3
Views: 1730
Answers (1)
Tom Hawtin - tackline
Reputation: 147164
If the signed jar is given a timestamp (which comes from a timestamp authority), then the signature will still be valid even after the certificate has expired (assuming the timestamp is prior to the expiry).
See Signature Timestamp Support for J2SE 5.0
Upvotes: 4
Related Questions
- How to check if Java Web Start app will continue working after certificate expires
- How to sign Java Webstart application for Java 8u141?
- Java Web Start Application Run from HTTPS Server Blocked By Java Security
- Enable Java to permit expired certificate
- How to manage certificate renewal with Java Webstart application
- Java Webstart Certificate Issue with JNLP versioning
- How can I use an old java applet with an expired certificate?
- Java Web Start Jar signing Issue?
- How to make Java "trust" an expired certificate?
- Java Web Start: How to get rid of the warning icon?