Just a note, I have submitted this bug report. It is bug #6149286 on
bugreport.apple.com. The text of the report follows.
-Kyle H
* SUMMARY
Java mispresents a properly-signed applet as "Java cannot verify the
authenticity of the signature's certificate".
* STEPS TO REPRODUCE
On a freshly-insta
Since this same warning shows up even going to the same location
(https://jogl-demos.dev.java.net/applettest.html) under Safari, it's
definitely not Firefox-related.
http://bugreport.apple.com/ is the best way to report this, since
Apple maintains its own Java distribution for OS X (you cannot get
bmo wrote on 2008-08-11 20:22 PDT:
> Summary: I suspect that there's something wrong with the BUILT-IN Root
> CA cert UTN-USERFirst-Object in Firefox 3.0.1.
>
> We were issued a code signing certificate which was signed by the UTN-
> USERFirst-Object cert built into Firefox (Comodo issues these).
This is definitely a Java problem, not a Firefox issue. Since Sun
does not do the OSX Java releases, the best place to file a bug report
on this issue would be http://bugreport.apple.com/ -- an Apple
Developer Center (ADC) ID is required to submit bug reports there.
-Kyle H
On Wed, Aug 13, 2008
Looking for more information on this issue, I've looked for signed
applets that DO WORK on Firefox 3.0.1/mac osx.
Again, 'works' is defined as if the applet is signed, with a valid
cert, and chain of trust to a trusted root CA, then no scary-and-
confusing-to-a-user messages should come up.
Here's
On Aug 12, 7:37 pm, "Kyle Hamilton" <[EMAIL PROTECTED]> wrote:
> Could you perhaps post your certificate chain?
>
> -Kyle H
>
What is presented in the browser for the certificate chain:
http://www.tryventi.com/certissue/trust1.png
http://www.tryventi.com/certissue/trust2.png
http://www.tryventi.c
bmo wrote, On 2008-08-12 19:36:
> I just pulled out a Windows Vista Machine -- with Firefox 2.0.15, and
> hit the page with our signed java applet on it -- SUCCESS -- I am
> provided a prompt that says the applet verified, do I want to run the
> code?
> I then installed FF 3.0.1 on the Vista machin
Could you perhaps post your certificate chain?
-Kyle H
On Tue, Aug 12, 2008 at 7:25 PM, bmo <[EMAIL PROTECTED]> wrote:
> As a followup -- on Firefox 2.0.15 (Windows Vista), hitting our same
> page with an applet signed by our cert as with FF 3.0.1 on Mac,
> the dialog comes up as "Signature is v
I just pulled out a Windows Vista Machine -- with Firefox 2.0.15, and
hit the page with our signed java applet on it -- SUCCESS -- I am
provided a prompt that says the applet verified, do I want to run the
code?
I then installed FF 3.0.1 on the Vista machine. Reset the JVM cache;
hit the same page
As a followup -- on Firefox 2.0.15 (Windows Vista), hitting our same
page with an applet signed by our cert as with FF 3.0.1 on Mac,
the dialog comes up as "Signature is verified, do you want to run this
code?" - SUCCESS.
That machine has never seen our signed java applet before; it has no
certi
On Aug 12, 3:18 pm, Nelson Bolyard <[EMAIL PROTECTED]>
wrote:
> Kyle Hamilton raised the possibility that the error you're seeing is from
> the JVM rather than from Mozilla code. If the complaint comes from Java,
> which has its own PKI and trusted cert store, then I'd guess that Java
> doesn't t
bmo wrote, On 2008-08-12 11:41:
> I've posted a PNG of the chain of trust as reported by the browser to
> http://www.tryventi.com/certissue/onehub_cert.png
That shows your cert to be valid. That's all that matters, with respect
to your cert.
You originally reported an error message that said:
On Aug 12, 1:40 pm, "Kyle Hamilton" <[EMAIL PROTECTED]> wrote:
> Er. Java on the Mac might use the system Keychain, instead of the
> Firefox security module. Try looking in Keychain Access for the
> UTN-USERFirst certificate, and then try installing it into Keychain
> Access, and try it again.
G
Er. Java on the Mac might use the system Keychain, instead of the
Firefox security module. Try looking in Keychain Access for the
UTN-USERFirst certificate, and then try installing it into Keychain
Access, and try it again.
-Kyle H
On Tue, Aug 12, 2008 at 11:41 AM, bmo <[EMAIL PROTECTED]> wrote
On Aug 11, 9:42 pm, Nelson B Bolyard <[EMAIL PROTECTED]> wrote:
> bmo wrote, On 2008-08-11 20:22:
>
> > Summary: I suspect that there's something wrong with the BUILT-IN Root
> > CA cert UTN-USERFirst-Object in Firefox 3.0.1.
> Look at your cert in FF2. Look at the cert chain. Do you see only tw
Brian, something else you might like to try...
The "UTN-USERFirst-Object" Root CA happens to be cross-certified by
the "AddTrust External CA Root" Root CA. Both Roots are owned by Comodo, and
both are trusted by Firefox for the purpose of signing code.
You can download the cross-certificate fr
bmo wrote, On 2008-08-11 20:22:
> Summary: I suspect that there's something wrong with the BUILT-IN Root
> CA cert UTN-USERFirst-Object in Firefox 3.0.1.
Or perhaps something is wrong with the code that tells you about that
cert.
> We were issued a code signing certificate which was signed by the
17 matches
Mail list logo
