Hi Chris,
well I think reason number 1 is not correct. The definition of self
signed depends on who created the signing key. If you created it
yourself, it is a self signed jar and will rightfully be blocked.
If you however obtained the signing key from a Certification Authority,
that java accepts, it is not a self signed jar and will not be blocked.
This is a perfectly valid usecase for fxsign jar.
For the 2nd reason: I don't think many users will go modular for
Webstart Applications. Normally you simply pack all your classes in a
single big jar-file (and perhaps a second, if you use a preloader).
This avoids various network round trips, when the application starts and
makes deployment much easier.
Stefan
Hi Stefan,
Yes, it is being deprecated. It will continue to function as it has. Two main
reasons for the deprecation are:
1. Self signed jars are blocked and sign as blob is a self signed jars.
2. There will be a replacement for modules that will be better.
Chris
On Dec 12, 2016, at 11:56 PM, Stefan Fuchs <snfu...@gmx.de> wrote:
Hi,
so blog signing as deprecated.
What are the reasons for deprecating blog signing? Are there alternatives?
How do I sign a webstart application?
Stefan
David,
Please review these changes to deprecate the blob signing from the Java
Packager.
JIRA: https://bugs.openjdk.java.net/browse/JDK-8169443
<https://bugs.openjdk.java.net/browse/JDK-8169443>
Webrev: http://cr.openjdk.java.net/~cbensen/JDK-8169443/webrev.00/
<http://cr.openjdk.java.net/~cbensen/JDK-8169443/webrev.00/>
Chris
