The certificate used to identify this application has been revoked

[steven.d...@gmail.com]

Hi,

We are getting the error message 'The certificate used to identify this application has been revoked' with the following details:

java.security.cert.CertificateRevokedException: Certificate has been revoked, reason: CERTIFICATE_HOLD, revocation date: Sun Sep 18 10:00:07 CEST 2016, authority: CN=Certipost E-Trust Secondary Normalised CA for SSL and Code, O=Certipost s.a./n.v., C=BE, extension OIDs: [2.5.29.21]

at com.sun.deploy.security.RevocationChecker.checkApprovedCRLs(Unknown Source)

at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source)

at com.sun.deploy.security.RevocationChecker.check(Unknown Source)

at com.sun.deploy.security.TrustDecider.checkRevocationStatus(Unknown Source)

at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)

at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)

at com.sun.deploy.security.TrustDecider.isAllPermissionGrantedInt(Unknown Source)

at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source)

at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source)

at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)

at java.security.SecureClassLoader.defineClass(Unknown Source)

at java.net.URLClassLoader.defineClass(Unknown Source)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

at java.lang.reflect.Method.invoke(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)

at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)

at java.lang.ClassLoader.loadClass(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)

at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)

at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

The date of validity of this certificate runs until March 2017. Any ideas?

Kind regards?

Steven De Sutter

[wouter....@fedict.be]

Hi Steven,

The certificate which was used to sign that version of the applet has indeed been revoked. To replace it, the applet has been resigned with a new certificate, but you will find it in a different location from where the applet was previously found.

The new location is https://maven.eid.belgium.be/; here, you will find two versions:

- Version 1.1.4 is exactly the same as 1.1.3, except that it has been resigned with the correct certificate
- Version 2.0.0.FEDICT is a version which has had a number of improvements. If you have the time, we do recommend that you move to this version. However, it is not a drop-in replacement for 1.1.3, and is not immediately backwards compatible (you may have some work to update your own code).

To use the new applet in a maven project, you can use the following pom.xml snippet:

<repository>
<id>eid-maven-repo</id>
<url>https://maven.eid.belgium.be</url>
<releases>
<enabled>true</enabled>
</releases>
</repository>

after that, the used version of the applet can be updated (e.g., to 1.1.4).

Kind regards,

Op donderdag 22 september 2016 08:56:23 UTC+2 schreef steven.d...@gmail.com:

[jo...@craenhals.eu]

Struggling with the same issue.

Any solutions? 

We're running the eID applet in a corporate environment where we can disable security prompts if this could solve the issue temporarily.

Best regards,

Joël Craenhals

Op donderdag 22 september 2016 08:56:23 UTC+2 schreef steven.d...@gmail.com:

Hi,

[marijol...@gmail.com]

Same here. What's going on? How can this be fixed?

Op donderdag 22 september 2016 08:56:23 UTC+2 schreef steven.d...@gmail.com:

Hi,

[xavier.v...@gmail.com]

Yes, +1 on the same problem !

xavier

[jo...@craenhals.eu]

Hi,

I just need the new JAR file. Where can I download it?

Best regards,

Joël

Op donderdag 22 september 2016 08:56:23 UTC+2 schreef steven.d...@gmail.com:

Hi,

[bauw...@hotmail.com]

Hey, 

I seem to have missed this communication (I only check this google group..), when and how was this communicated?

Assuming it had been communicated in advance...

Kind regards, 

Koen

Op donderdag 29 september 2016 11:17:01 UTC+2 schreef wouter....@fedict.be: