After installing java jre update 1.8.0_131 or higher, users can no longer launch the Spectrum OneClick client. The following exceptions is thrown:
Error: Unsigned application requesting unrestricted access to system
The following resource is signed with a weak message digest algorithm MD5 and is treated as unsigned:
http://localhost/spectrum/lib/clienttopo.jar;no_javaws_cheat
http://localhost/spectrum/lib/contrib/clientslm.jar;no_javaws_cheat
The exception shows:
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Oracle has updated their security policy announcing that JRE versions released starting with 1.8.0_131 in April 2017 will not trust MD5-signed jars. Please review the announcement for dates and JRE versions:
https://blogs.oracle.com/java-platform-group/entry/oracle_jre_will_no_longer
https://www.java.com/en/jre-jdk-cryptoroadmap.html
You need to either upgrade Spectrum to 10.2 or 10.2.1 or remove the md5 requirement for java jre on each client machine that upgrades to java 1.8.0_131 or greater:
In the java.security file (you may need to find this file, however it generally will be in a folder similar to):
C:\Program Files (x86)\Java\<jre version>\lib\security
Change this line to remove the MD5 entry:
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
To this:
jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024
Then relaunch the OneClick client.
CA product advisory:
https://support.ca.com/phpdocs/7/7832/7832_oracle-jre_product-advisory-02022017.pdf