X

Proactive insights, news and tips from Oracle Fusion Middleware Support. Learn Oracle from Oracle.

Signature Timestamp Support in Oracle Forms jar files

Alexandra David
Principal Technical Support Engineer

Oracle provided jar files that come with Oracle Forms 11g and 12c were signed out-of-the-box with a java feature called Timestamp.

For an Oracle Forms user, this means that Security Warnings related to certificate expiration should not occur even after a certificate has expired. 


The only indication of a certificate expiration would appear in the Java Console and look like this:

security: Validate the certificate chain using CertPath API
security: The certificate has expired, need to check timestamping info
security: Timestamping info is available
security: The certificate has expired, and is timestamped in valid period
security: Start checking TSA certificate path

 

More details about this feature are described in: Doc ID 2072400.1

 

Join the discussion

Comments ( 1 )
  • Michael Ferrante Monday, November 6, 2017
    I think what is important to point out is that when using "timestamp", it isn't the jar that expires. The expiration that occurs is related to the certificate used to sign the jar in the first place. Once that cert expires, it can no longer be used to sign new jar files. So, as long as the cert was not expired at the time your jar was signed, this means that it was signed with an appropriate cert and the jar is valid.

    Too often there is confusion related to what the "expiration" actually represents.
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.