I'm deploying an application using JAWS, and it worked until late 2013 when I got a warning, and then this morning Java completely blocked it. The message in French is:
Application bloquée par les paramètres de sécurité
Vos paramètres de sécurité ont bloqué l'exécution d'une application auto-signée avec une version obsolete ou arrivée à expiration de Java.
which would translate roughly as:
Application blocked by the security settings
Your security settings have blocked from running an application that has been self-signed with an obsolete or outdated Java.
The grammar is not that clear, the end of the sentence could be read as either:
- ...blocked a self-signed application from running with an obsolete or outdated Java [runtime], meaning that the local runtime is too old, but the self-signature is fine
- ...blocked an application that has been self-signed with an obsolete or outdated Java [compiler], meaning that the Java compiler used is too old
I searched online for the exact same message in English, but I couldn't find it. So the grammar is still unclear. Note that on the message there is no Name: xyz / From: http://url/
, there's only the text I typed above, and a blue "i" icon.
Now, I don't really understand the exact meaning of this error message, but I know that there is an issue because my JAR files are all self-signed. I have already faced this on other Windows clients, and it was easy:
- I extracted a
.cer
certificate from my keystore; - Downloaded it on the client machine, open it;
- Made the customers install it as a trusted source on their local machine.
It worked like a charm on my test setup and for one customer, but another one still has the issue and cannot run my software.
This is a big issue from me, and I don't know what to do. Should I upgrade my Java compiler, recompile everything, sign every JAR file again and cross fingers? How can I make that Windows box trust my certificate and let the Java application run?