Lucid openjdk cannot verify applet signature (certificate chain not rebuilt)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Iced Tea |
Invalid
|
Undecided
|
Unassigned | ||
ca-certificates-java (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
icedtea-web (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
openjdk-6 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
1.) $ lsb_release -rd
Description: Ubuntu lucid (development branch)
Release: 10.04
2.) $ apt-cache policy openjdk-6-jre
openjdk-6-jre:
Installed: 6b18-1.8-0ubuntu1
Candidate: 6b18-1.8-0ubuntu1
Version table:
*** 6b18-1.8-0ubuntu1 0
500 http://
100 /var/lib/
$ apt-cache policy openjdk-
openjdk-
Installed: 6b18-1.8-0ubuntu1
Candidate: 6b18-1.8-0ubuntu1
Version table:
*** 6b18-1.8-0ubuntu1 0
500 http://
100 /var/lib/
$ apt-cache policy openjdk-6-jre-lib
openjdk-6-jre-lib:
Installed: 6b18-1.8-0ubuntu1
Candidate: 6b18-1.8-0ubuntu1
Version table:
*** 6b18-1.8-0ubuntu1 0
500 http://
100 /var/lib/
$ apt-cache policy icedtea6-plugin
icedtea6-plugin:
Installed: 6b18-1.8-0ubuntu1
Candidate: 6b18-1.8-0ubuntu1
Version table:
*** 6b18-1.8-0ubuntu1 0
500 http://
100 /var/lib/
$ apt-cache policy firefox
firefox:
Installed: 3.6.3+nobinonly
Candidate: 3.6.3+nobinonly
Version table:
*** 3.6.3+nobinonly
500 http://
100 /var/lib/
3.) What I expected
a.) Go to https:/
b.) Click on Union Jack to change language (optional, same problem occurs also in Finnish)
c.) Click on "Log on to eBanking"
d.) a warning appears and states that the applet signature has been verified (Verisign Class 3 Code signing certificate should be built in and trusted)
This works as expected with sun-jre in both intrepid and jaunty (don't have karmic handy)
4.) What happened
Java dialog appears "The application signature cannot be verified."
The certificate is signed by:
Version 3
Serial 134678584529721
Signature Algorithm SHA1withRSA
Issuer OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Validity Validity: [From: Thu May 21 03:00:00 EEST 2009,
To: Tue May 21 02:59:59 EEST 2019]
Subject CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https:/
Signature 0000: 8B 03 C0 DD 94 D8 41 A2 61 69 B0 15 A8 78 C7 30 ......A.ai...x.0
0010: C6 90 3C 7E 42 F7 24 B6 E4 83 73 17 04 7F 04 10 ..<.B.$...s.....
0020: 9C A1 E2 FA 81 2F EB C0 CA 44 E7 72 E0 50 B6 55 ...../...D.r.P.U
0030: 10 20 83 6E 96 92 E4 9A 51 6A B4 37 31 DC A5 2D . .n....Qj.71..-
0040: EB 8C 00 C7 1D 4F E7 4D 32 BA 85 F8 4E BE FA 67 .....O.M2...N..g
0050: 55 65 F0 6A BE 7A CA 64 38 1A 10 10 78 45 76 31 Ue.j.z.d8...xEv1
0060: F3 86 7A 03 0F 60 C2 B3 5D 9D F6 8B 66 76 82 1B ..z..`..]...fv..
0070: 59 E1 83 E5 BD 49 A5 38 56 E5 DE 41 77 0E 58 0F Y....I.8V..Aw.X.
MD5 Fingerprint 56:10:5F:
SHA1 Fingerprint 12:D4:87:
---
Architecture: i386
DistroRelease: Ubuntu 10.10
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release Candidate i386 (20100928)
Package: openjdk-6
PackageArchitec
ProcEnviron:
LANG=en_US.utf8
SHELL=/bin/bash
ProcVersionSign
Tags: maverick
Uname: Linux 2.6.35-22-generic i686
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare
is the certificate in the certificate store?