Techtip : Does the "ASAP jar files certificate is going to expire by 17-Oct-2016 " announcement impact me when I am using self signed certificates  for secure communications in my environment .

Document created by DirkBleyenberg Employee on Sep 23, 2016Last modified by DirkBleyenberg Employee on Sep 23, 2016
Version 3Show Document
  • View in full screen mode

Question: 

Does the "ASAP jar files certificate is going to expire by 17-Oct-2016  announcement impact me when I am using self signed certificates  for secure communications in my environment .

 

Environment:  

Release Automation 4.7x , 5.x and 6.x

Answer: 

Yes the secure communcations setup is referring to the SSL connection from ASAP to NAC,  we are not referring to the SSL connection from ASAP to NAC.

The certificate which is going to expire is the certificate that is used for signing the ASAP jar files (using jarsigner). This is part of Java Network Launching Protocol (JNLP).

Since the ASAP jar files are downloaded to the client machine (using Java Web Start jnlp mechanism), the client should verify their authenticity. The build process of ASAP jar files is signing them with a CA specific private secret key. Since you don’t have the CA source code of ASAP jar files and CA specific private secret key – you can’t sign ASAP jar files by yourself. The certificate that is used for signing ASAP jar files is going to expire by 17 October 2016 .

 

Additional Information:

The  jar files are updated in the latest cumulative patch which can be found at.

 Download the latest cumulative for all supported RA versions

 

The certificate used to sign the jar files is now valid until april 2019 .

 

2 people found this helpful

Attachments

    Outcomes