[Fixed] Unsigned application requesting unrestricted access to system¶
Subject/ Problem Description
The following error is displayed when launching applications signed with the MD5withRSA or MD5withDSA algorithms after upgrading to Java.
Unable to launch the application.
Unsigned application requesting unrestricted access to system
Unsigned application requesting unrestricted access to system.
The following resource is signed with a weak signature algorithm MD5withRSA
and is treated as unsigned: http://example.net/ExampleApplication.jar
Applications signed with the MD5withRSA or MD5withDSA algorithms are treated as unsigned by Java starting with the Java 8 Update 131 release.
More information on the changes made in the Java 8 Update 131 release can be found at the links below:
https://www.java.com/en/download/help/jcp_security.xml#md5
http://www.oracle.com/technetwork/java/javase/8u131-relnotes-3565278.html
https://www.java.com/en/jre-jdk-cryptoroadmap.html
Answer / Solution
Workaround
Method 1:
A quick way to fix this is to comment out the line of jdk.jar.disabledAlgorithms in the file lib/security/java.security.
# jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
In Windows it’s located at:
C:\Program Files (x86)\Java\jre7\lib\security\java.security)
In macOS, it’s located at
/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/java.security
Method 2:
- Revert to an old version of Java/JRE
- Uninstall Java/JRE 8 351 and then install Java/JRE 8 update 341 or an earlier version
Method 3:
- Modify the java.security file
- Modify the java.security file as Administrator and it is located in Windows "C:\Program Files (x86)\Java\jre1.8.0_351\lib\security\java.security" Search for and comment on the following line: jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ " find the lines:
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
DSA keySize < 1024, include jdk.disabled.namedCurves, \
SHA1 denyAfter 2019-01-01
Comment out the "SHA1 denyAfter 2019-01-01" line, but also need to remove the "\" on the preceding line.
So should look like this:
#jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
#DSA keySize < 1024, include jdk.disabled.namedCurves
#SHA1 denyAfter 2019-01-01
Save and re-launch the Java Management Console JNLP launcher. Note: This workaround should be considered "at your own risk" and is not officially endorsed or supported by your Product Owners.
Solution:
The solution is to upgrade the version of your product on the machine and discuss it with product support to determine the best course of action.