BUG: Renewed Certificates Trigger an Erroneous Security Dialog Box (304638)

SYMPTOMS

When you use a renewed security certificate for code signing, users who accepted the certificate before its renewal may receive an erroneous warning dialog box. This behavior occurs when you sign a distribution unit with the renewed certificate, and then deploy the distribution unit to an existing (pre-renewal) codebase.

RESOLUTION

To work around this problem, remove those packages that have been deployed through the old (pre-renewal) certificate from the code store database before you deploy any new distribution units (signed with the renewed certificate).

MORE INFORMATION

Use the RemoveControlByName function to incorporate the required uninstall step in a deployment-and-update scenario. This function is available through the Microsoft J/Direct technology for Java, provided that adequate security permissions are applied. However, note that the J/Direct @dll.import compiler directive must specify the ANSI character set, rather than auto (the default).

/**
 * @dll.import("OCCACHE", ansi) 
 */ 

HRESULT RemoveControlByName(
    LPCTSTR lpszFile,
    LPCTSTR lpszCLSID,
    LPCTSTR lpszTypeLibID,
    BOOL bForceRemove,
    DWORD dwIsDistUnit
);

For more information about the RemoveControlByName function, browse to the following MSDN Web site:

http://msdn.microsoft.com/workshop/components/occache/reference/functions/RemoveControlByName.asp

For more information about the virtual machine for Java security model, browse to the following Microsoft Web site:

http://www.microsoft.com/mscorp/java/

BUG: Renewed Certificates Trigger an Erroneous Security Dialog Box (304638)

SYMPTOMS

RESOLUTION

STATUS

MORE INFORMATION

REFERENCES