This jar contains entries whose signer certificate will expire within six months

Question

I\'ve signed my jar in various ways, but I keep getting the above error message when I use the command:

jarsigner -verify -verbose [my jar]

Answer 1

Is there a way to get rid of this error?

It is not an error, but a warning. As to how to avoid it, make sure the certificate has a validity date that is longer than 6 months. For a self-signed certificate, that is a matter of providing the correct parameters when generating the key. Here is the keytool Example.

keytool -genkeypair -dname "cn=Mark Jones, ou=Java, o=Oracle, c=US"
  -alias business -keypass  -keystore /working/mykeystore
  -storepass  -validity 180

The important part is -validity 180. 180 days, or around 6 months, for that example. Use 1800 for around 5 years.

Will my code just stop working after six months if it's not re-certified?

Not exactly.

• The user on some systems will be warned that the certificate has expired, and be offered the choice to accept it. If they do, it will work as normal. e.g. of "signature has expired":
  
• Other systems might be configured to automatically reject out of date certificates. On those machines, the code will most likely never start, or in rare cases, be loaded but have a sand-box applied.

---

I thought I had turned all java caching off though, as it's annoying when trying to develop.

Applet caching during testing is a big problem. I try to avoid testing applets in the browser until absolutely necessary. There are 2 ways I know of to test applets that will not cache the classes.

1. Use the AppletViewer
2. An hybrid applet/application