JDK-8147920 : JARSigningException while start application with JNLP
  • Type: Bug
  • Component: deploy
  • Sub-Component: webstart
  • Affected Version: 8u72
  • Priority: P2
  • Status: Closed
  • Resolution: Duplicate
  • OS: windows_7
  • CPU: x86_64
  • Submitted: 2016-01-20
  • Updated: 2016-04-05
  • Resolved: 2016-01-26
Related Reports
Relates :  
JDK-8080646 - Severe performance issue w/ Web Start application startup/runtime since 8u40
Description
FULL PRODUCT VERSION :
Java Web Start 11.72.2.15
JRE-Version verwenden 1.8.0_72-b15 Java HotSpot(TM) 64-Bit Server VM

ADDITIONAL OS VERSION INFORMATION :
Windows 7 64Bit,   Microsoft Windows [Version 6.1.7601]

A DESCRIPTION OF THE PROBLEM :
Starting the application from JNLP file (or browser), an JARSigningException is thrown:

com.sun.deploy.net.JARSigningException: Signatur konnte nicht verifiziert werden in Ressource: https://trial.amparex.net:443/amparex/lib/generic/generic_client.jar
	at com.sun.deploy.security.TrustDecider.ensureAllJarEntriesSigned(Unknown Source)
	at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)
	at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
	at com.sun.deploy.security.TrustDecider.isAllPermissionGrantedInt(Unknown Source)
	at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
	at com.sun.deploy.security.DeployURLClassLoader.getResourcePermission(Unknown Source)
......


Using JRE18_71 (with Java Web Start 11.71.2.15) the signed JARs could be verified with success and the application is running.





REGRESSION.  Last worked in version 8u71

ADDITIONAL REGRESSION INFORMATION: 
C:\Program Files\Java\jre1.8.0_72\bin>.\java -version
java version "1.8.0_72"
Java(TM) SE Runtime Environment (build 1.8.0_72-b15)
Java HotSpot(TM) 64-Bit Server VM (build 25.72-b15, mixed mode)


STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
To reproduce this issue:

C:\Program Files\Java\jre1.8.0_72\bin>.\javaws.exe -verbose https://trial.amparex.net/amparex/start.jnlp




ERROR MESSAGES/STACK TRACES THAT OCCUR :
ava.security.cert.CertificateException: Signatur konnte nicht verifiziert werden in Ressource: https://trial.amparex.net:443/amparex/lib/generic/generic_client.jar
	at com.sun.deploy.security.TrustDecider.ensureAllJarEntriesSigned(Unknown Source)
	at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)
	at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
	at com.sun.deploy.security.TrustDecider.isAllPermissionGrantedInt(Unknown Source)
	at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
	at com.sun.deploy.security.DeployURLClassLoader.getResourcePermission(Unknown Source)
	at com.sun.deploy.security.DeployURLClassLoader.getResourceAsStream(Unknown Source)
	at de.mtf.impulse.fw.shared.component.ComponentConfigurationBuilder.addConfiguration(ComponentConfigurationBuilder.java:126)
	at de.mtf.impulse.fw.shared.component.ComponentConfigurationBuilder.findAllConfigurationParts(ComponentConfigurationBuilder.java:107)
	at de.mtf.impulse.fw.shared.component.ComponentConfigurationBuilder.buildConfigurationFor(ComponentConfigurationBuilder.java:43)
	at de.mtf.impulse.fw.shared.component.ComponentFactory.getConfigurationFor(ComponentFactory.java:163)
	at de.mtf.impulse.fw.shared.component.ComponentFactory.doCreate(ComponentFactory.java:444)
	at de.mtf.impulse.fw.shared.component.ComponentFactory.create(ComponentFactory.java:360)
	at de.mtf.impulse.fw.shared.component.ComponentFactory.create(ComponentFactory.java:341)
	at de.mtf.impulse.fw.shared.resource.Icons.instance(Icons.java:25)
	at de.mtf.impulse.common.client.standard.util.swing.DefaultGUIFactory.<clinit>(DefaultGUIFactory.java:211)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
	at java.lang.reflect.Constructor.newInstance(Unknown Source)
	at java.lang.Class.newInstance(Unknown Source)
	at de.mtf.impulse.fw.shared.component.ComponentFactory.doCreate(ComponentFactory.java:425)
	at de.mtf.impulse.fw.shared.component.ComponentFactory.create(ComponentFactory.java:360)
	at de.mtf.impulse.fw.shared.component.ComponentFactory.create(ComponentFactory.java:341)
	at de.mtf.impulse.fw.client.swing.GUIFactory.instance(GUIFactory.java:38)
	at de.mtf.impulse.common.client.standard.application.Splash.initComponents(Splash.java:146)
	at de.mtf.impulse.common.client.standard.application.Splash.<init>(Splash.java:116)
	at de.mtf.impulse.common.client.standard.application.Splash.<clinit>(Splash.java:28)
	at de.mtf.impulse.common.client.standard.application.Main$1.run(Main.java:52)
	at java.awt.event.InvocationEvent.dispatch(Unknown Source)
	at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
	at java.awt.EventQueue.access$500(Unknown Source)
	at java.awt.EventQueue$3.run(Unknown Source)
	at java.awt.EventQueue$3.run(Unknown Source)
	at java.security.AccessController.doPrivileged(Native Method)
	at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
	at java.awt.EventQueue.dispatchEvent(Unknown Source)
	at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
	at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
	at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
	at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
	at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
	at java.awt.EventDispatchThread.run(Unknown Source)
Caused by: com.sun.deploy.net.JARSigningException: Signatur konnte nicht verifiziert werden in Ressource: https://trial.amparex.net:443/amparex/lib/generic/generic_client.jar
	... 43 more


REPRODUCIBILITY :
This bug can be reproduced always.
Comments
Vivek, can you please figure out in which build the issue was introduced?
21-01-2016
Please evaluate
21-01-2016
Checked this for 8u66, 8u71, 8u72 and 8u76 ea b03 and issue is reproducible with 8u72 GA as reported by the submitter. 8u66: OK 8u71: OK 8u72: FAIL 8u76 ea b03: OK To confirm run the following command: C:\Program Files\Java\jre1.8.0_72\bin>.\javaws.exe -verbose https://trial.amparex.net/amparex/start.jnlp Error message with 8u72 b15: ==================================================================================== java.security.cert.CertificateException: Could not verify signing in resource: https://trial.amparex.net:443/amparex/lib/generic/generic_client.jar at com.sun.deploy.security.TrustDecider.ensureAllJarEntriesSigned(Unknown Source) ............................................. .............................................. ............................................... Caused by: com.sun.deploy.net.JARSigningException: Could not verify signing in resource: https://trial.amparex.net:443/amparex/lib/generic/generic_client.jar ... 43 more =====================================================================================
21-01-2016