Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Eclipse Update Site - expired certificate

krulls
Champ in-the-making
Champ in-the-making

‎05-13-2015 05:44 AM

Hello activiti team,

recently I tried to use the activiti designer plugin for Eclipse. I followed the guide:
http://www.activiti.org/userguide/#eclipseDesignerInstallation or
http://docs.alfresco.com/4.1/tasks/wf-install-activiti-designer.html

this is the according update site: http://activiti.org/designer/update/

but our infrastructure refuses to download the necessary (JAR) files because of expired end certificates.

here is the explicit message: "[JSCAN] End certificate expired: File blocked" that I get when trying to download i. e. http://activiti.org/designer/update/plugins/org.eclipse.graphiti.pattern_0.10.1.v20130918-0838.jar

I guess this is related to the following statement from http://docs.oracle.com/javase/7/docs/technotes/guides/security/time-of-signing.html:

"Because signing certificates typically expire annually, this caused customers significant problems by forcing them to re-sign deployed JAR files annually."

our infrastructure provider uses the software IWSVA from TrendMicro (https://esupport.trendmicro.com/en-us/business/pages/technical-support/interscan-web-security-virtua...) to validate Java artifacts. See
https://docs.trendmicro.com/all/ent/iwsva/v5.5/en-us/iwsva_5.5_olh/create_an_applet_and_activex_secu... and
https://docs.trendmicro.com/all/ent/iwsva/v5.5/en-us/iwsva_5.5_olh/mmc_policy_java.htm

the question is: do you have to provide a (new) valid eclipse plugin update site? or do I have to inspect and check the IWSVA for outdated routines of checking Java artifacts?

kind regards

stephan krull
ecg-leipzig.de
Labels:
0 Kudos
2 REPLIES 2

jbarrez
Star Contributor
Star Contributor

‎05-18-2015 10:59 AM

Where is the expiration coming from? I see that jar was uploaded 8 juli.
As a workaround, you can always download the zip and install manually (see http://activiti.org/designer/archived/).
0 Kudos

krulls
Champ in-the-making
Champ in-the-making

‎05-19-2015 03:56 AM

My guess is that the expiration relates to the certificate in the "META-INF" directory of the JARs (see here). The modification date of the certificates under directory META-INF from this JAR are September 2013.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC