Open bdw429s opened 8 years ago
denuno
commented
8 years ago I think this is because we have the BC jars included ourselves, and that one does the same... I could sign runwar.jar, but I don't have a trusted certificate, so I'm still pondering how to resolve this one.
bdw429s
commented
8 years ago Ok, probably not the biggest issue in the world, but since we want this to work with "any" java war we might run into it again in the future. I don't know what it takes to get a trusted cert.
denuno
commented
8 years ago Instead of getting a trusted cert, which is kinda overkill (it has to be a special one from Oracle), we can bundle the bouncycastle jars, and then expand them to the temp dir upon startup, and then load them, which gets around the signing issue... just not sure about the overhead of expanding 2 megs to the temp dir with every run. :-/
bdw429s
commented
8 years ago You mean they can't just be dumped in the /lib folder with the rest of the jars?
denuno
commented
8 years ago We need them for runwar itself to do SSL support, and I think for the internal server's cfmail, though I may be misremembering. Up until now we've just been shading the classes into runwar, but that's where the signature error comes from. I may apply for one of those certs from Oracle, just because that's the cleanest approach I think, but I dunno how likely or how long getting one of those certs would be/take.
I don't know what this means, but I ran across it while testing random wars from the Internet. This exception was thrown from a war called Gitblit http://dl.bintray.com/gitblit/releases/gitblit-1.7.1.war
It seems to be implying that something inside Runwar isn't secure.