I\'ve signed my jar in various ways, but I keep getting the above error message when I use the command:
jarsigner -verify -verbose [my jar]
Is there a way to get rid of this error?
It is not an error, but a warning. As to how to avoid it, make sure the certificate has a validity date that is longer than 6 months. For a self-signed certificate, that is a matter of providing the correct parameters when generating the key. Here is the keytool Example.
keytool -genkeypair -dname "cn=Mark Jones, ou=Java, o=Oracle, c=US"
-alias business -keypass <new password for private key> -keystore /working/mykeystore
-storepass <new password for keystore> -validity 180
The important part is -validity 180
. 180 days, or around 6 months, for that example. Use 1800 for around 5 years.
Will my code just stop working after six months if it's not re-certified?
Not exactly.
I thought I had turned all java caching off though, as it's annoying when trying to develop.
Applet caching during testing is a big problem. I try to avoid testing applets in the browser until absolutely necessary. There are 2 ways I know of to test applets that will not cache the classes.