neil wilkes
7th October 2014, 11:38
The very first question I have to ask is "Who do I write to so that a signed certificate actually gets accepted at replication"?
I tried the BDA, but they will not talk spec unless I get FLLA licensed at $24,000 plus for the 3 spec books required.
The trouble we are having is that when we include a properly signed JAR file certificate it gets knocked back at replication with an error that "signatory is unknown" and "Signature cannot therefore be trusted" and as a result "JAR file cannot be trusted".
The "fix" is to simply use an unsigned JAR file, which is then accepted for replication.
So the second question is "Why is a JAR file that could not be trusted when we signed it suddenly okay (and presumably can now be trusted for replication) now we have *not* signed it"?
Suspect the answer is to do with exactly what the JAR file is accessing or potentially capable of accessing (BD-Live?) so question 3 is therefore "What circumstances are mandatory for a signed JAR file"?
Thanks in advance to all - something that ought to be straightforward is a quagmire of insane red tape that nobody seems to want to talk about unless we fork out yet more enormous amounts of money
I tried the BDA, but they will not talk spec unless I get FLLA licensed at $24,000 plus for the 3 spec books required.
The trouble we are having is that when we include a properly signed JAR file certificate it gets knocked back at replication with an error that "signatory is unknown" and "Signature cannot therefore be trusted" and as a result "JAR file cannot be trusted".
The "fix" is to simply use an unsigned JAR file, which is then accepted for replication.
So the second question is "Why is a JAR file that could not be trusted when we signed it suddenly okay (and presumably can now be trusted for replication) now we have *not* signed it"?
Suspect the answer is to do with exactly what the JAR file is accessing or potentially capable of accessing (BD-Live?) so question 3 is therefore "What circumstances are mandatory for a signed JAR file"?
Thanks in advance to all - something that ought to be straightforward is a quagmire of insane red tape that nobody seems to want to talk about unless we fork out yet more enormous amounts of money