After upgrading to Applications Manager v8.0 SP12 HF1 and above, client receives Security Warning's
Article ID: 88471
Updated On:
Products
CA Automic Applications Manager (AM)
Issue/Introduction
Error Message Details:
In Java 1.7 Build 45 and above you will see:
In Java 1.6 Build 45 and above you will see:
Symptoms
After upgrading to Applications Manager (AM) v8.0 SP12 HF1 and above, when you access the AM Client you receive Security Warning pop-up messages if you are using Java version 1.6 or 1.7 Builds 45 and higher.
Cause
With the addition of Oracle's higher security settings in Java v1.6 and 1.7 Build 45 and greater, you may receive Security Warning pop-up messages even though AM has a signed certificate. The pop-up indicates that you have chosen to launch an application with a valid certificate from a trusted authority but that there are warnings. These are not security errors.
In Java 1.7 Build 45 and above you will see:
<Please see attached file for image>
In Java 1.6 Build 45 and above you will see:
<Please see attached file for image>
Symptoms
After upgrading to Applications Manager (AM) v8.0 SP12 HF1 and above, when you access the AM Client you receive Security Warning pop-up messages if you are using Java version 1.6 or 1.7 Builds 45 and higher.
Cause
With the addition of Oracle's higher security settings in Java v1.6 and 1.7 Build 45 and greater, you may receive Security Warning pop-up messages even though AM has a signed certificate. The pop-up indicates that you have chosen to launch an application with a valid certificate from a trusted authority but that there are warnings. These are not security errors.
Environment
Release: AAMOS499000-8.0-Automic Applications Manager-OS400 Agent
Component:
Component:
Resolution
If you trust the application and certificate issuer (Automic), then click Run to proceed.
Automic's digital signature for Applications manager is available for review by clicking on 'More Information' from the Security Warning window and looking at the Certificate Details. The 2 basic warning messages are also available by clicking on 'More Information' and are a result of the following:
Automic's digital signature for Applications manager is available for review by clicking on 'More Information' from the Security Warning window and looking at the Certificate Details. The 2 basic warning messages are also available by clicking on 'More Information' and are a result of the following:
1) That the application is requesting unrestricted access to your computer.
2) That the application's associated JNLP files are not digitally signed.
Keep in mind that these are warnings only and are not security errors. The first warning indicates that you have chosen to launch an application with a valid certificate from a trusted authority and that the application is requesting access to your computer. If you trust that application and certificate issuer (Automic), then click Run to proceed. We do require access to the user's PC in order to be able to write to client debug files, save output files (if you choose), etc. Here is a webpage from Oracle which explains this pop-up message. For Java 7, please refer to the section titled "Java application with a certificate from a trusted authority"2) That the application's associated JNLP files are not digitally signed.
For Java 6, the "application's digital signature cannot be verified" message is a bit misleading, since when you click on 'More Information' it will actually show you the certificate is valid and that you are accepting this certificate to run with permissions.
For the second warning "Although the application has a digital signature, the application's associated file (JNLP) does not have one. A digital signature ensures that a file is from the vendor and that it has not been altered", please refer to 000008508 for more information.
Feedback
Yes
No
Powered by
