TrueSight Middleware and Transaction Monitor: How to resolve a Java Code Signing Certificate Expiration message: Application Blocked by Java Security prompt

Knowledge Article

TrueSight Middleware and Transaction Monitor: How to resolve a Java Code Signing Certificate Expiration message: Application Blocked by Java Security prompt
TrueSight Middleware Transaction Monitor
TrueSight Middleware Transaction Monitor
BMC Middleware and Transaction Management
TrueSight Middleware and Transaction Monitor
BMC Middleware Management - Performance and Availability
BMC Middleware Management - Transaction Monitoring
TrueSight Middleware Transaction Monitor
TrueSight Middleware Transaction Monitor
BMC Middleware and Transaction Management
TrueSight Middleware and Transaction Monitor
BMC Middleware Management - Performance and Availability
BMC Middleware Management - Transaction Monitoring
Application Blocked by Java Security prompt caused by Java Code Signing Certificate Expiration

BMC is alerting customers to an issue with the Java Code Signing certificate used to create Version 7.0.00, 8.0.00 or 8.1.00 (earlier server fixpack G level)  of any of the Affected Products listed above.  Note that customers running the above versions should upgrade to TMTM 8.1.00 server Fix Pack G or higher to avoid the issue. 

Issue:
On February 9th 2020, the Java Code Signing Certificate used to code sign the Java code in the Management Console for version 8.0.01 and 8.1.00 GA and server fixpacks earlier than 8.1.00 425G will expire.  After that date, on Management Console startup, you may get a warning from Internet Explorer that indicates the certificate used to sign the Java code has expired.  The code is still signed properly, but the certificate used to sign the code originally has expired.  

User-added image

Depending on your Java security settings, you may be required to acknowledge this warning before proceeding when starting the Management Console.  In that case, you will need to continue to acknowledge this warning each time you launch the console.

If your Java Security settings block applications signed with expired certificates, and therefore block the Management Console from starting, a workaround is to add the application URL to your Exception Site List.  This list is located under the Security tab of the Java Control Panel.  See the following example for instructions:

-    Open the Java Control Panel and click on the Security tab.

-    Click on the Edit Site List button.

"    Click the Add in the Exception Site List window.

User-added image

-    Click in the empty field under Location field to enter the URL. 
NOTE: URL should begin with http:// or https://   For Example: http://myexample.com or https://myexample.com

-   Click OK to save the URL that you entered. If you click Cancel, the URLs are not saved.

-    Launch the Management Console and review the Security Warning dialog. Select the "I accept …" checkbox, and click Run to start the Management Console.

User-added image
 

To avoid this issue entirely, customers are encouraged to upgrade to their services to version TMTM 8.1.00.425 server fixpack G or later.
TrueSight Middleware Transaction Monitor
TrueSight Middleware Transaction Monitor
BMC Middleware and Transaction Management
TrueSight Middleware and Transaction Monitor
BMC Middleware Management - Performance and Availability
BMC Middleware Management - Transaction Monitoring
Attachment(s):