JDK-8191438 : jarsigner should print when a timestamp will expire
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2017-11-16
  • Updated: 2019-02-18
  • Resolved: 2018-02-14
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 8 Other
11 b01Fixed 8u202Fixed openjdk7uFixed
Related Reports
Blocks :  
Relates :  
Sub Tasks
JDK-8197783 :  
jarsigner should print more information about the lifetime of a timestamped JAR, which is bounded by the validity period of the TSA. Once the TSA server certificate expires, the timestamp is no longer valid and the JAR will be treated as unsigned (assuming the signer's certificate is also expired). Printing this information would give users a better idea how long the timestamped application will actually work. The information should be emitted when using jarsigner to sign or verify a JAR, and perhaps also when using keytool to print the certificates in a signed JAR. The warnings should be categorized by severity based on how soon the timestamp will expire. 
This fix depends on JDK-8180289.