Hi All

Please take a look at

   http://cr.openjdk.java.net/~weijun/8130132/webrev.00/

These new warnings will be added to jarsigner:
 
  The signer's certificate is self-signed.
  This jar contains entries whose signer certificate is self-signed.
  The %1$s algorithm used as %2$s is considered a security risk.
 
For the last one, %1#s is the algorithm name (For example, MD5), %2#s is the 
option name which is one of "-digestalg", "-sigalg", and "-tsadigestalg".
 
Also, two existing warning messages
 
  The signer's certificate chain is not validated.
  This jar contains entries whose certificate chain is not validated.
 
will be updated to
 
  The signer's certificate chain is not validated. Reason: %s
  This jar contains entries whose certificate chain is not validated. Reason: %s
 
where %s will be the getLocalizedMessage() value of the exception caught in 
certificate chain validation.

Thanks
Max

Reply via email to