Austin Stephens created NETBEANS-5005: -----------------------------------------
Summary: There is no KeyStoreProvider for built in trusted certificates Key: NETBEANS-5005 URL: https://issues.apache.org/jira/browse/NETBEANS-5005 Project: NetBeans Issue Type: Bug Components: platform - Autoupdate Affects Versions: 12.0, Next, 12.1, 12.2, 12.3 Environment: All Reporter: Austin Stephens Java has a keystore that it uses to verify signatures when it loads classes (last I checked) as well for other things. This keystore is not considered when checking signatures on nbm files and updates. This results in a properly signed jar with a well known certificate root appearing as self signed when doing an update. This is rather troubling if one was releasing a platform application and was expecting the auto-update logic to consider such things as properly signed. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@netbeans.apache.org For additional commands, e-mail: commits-h...@netbeans.apache.org For further information about the NetBeans mailing lists, visit: https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists