The following resource is signed with a weak signature algorithm MD5withRSA and is treated as unsigned

 

 

The following resource is signed with a weak signature algorithm MD5withRSA and is treated as unsigned

Monday, February 24, 2020

1:59 AM

Error

Detail

Textual

Unsigned application requesting unrestricted access to system

The following resource is signed with a weak signature algorithm

MD5withRSA and is treated as unsigned.

http://hod/hod/WSCachedSupporter2.jar

Remediation

Outline

1.      Identify JRE

2.      Access lib\security folder

3.      Edit java.security

o   jdk.jar.disabledAlgorithms

·        Search out jdk.jar.disabledAlgorithms

·        Comment out reference to MD5

Steps

Access Control Panel Applet – Java

Access Control Panel Applet – Java – Tab – General

Access Control Panel Applet – Java – Tab – java

Access Control Panel Applet – Java – Tab – java – view – Java Runtime Environment Settings

Image

Explanation

1.      Settings

o   C:\Program Files\Java\jre1.8.0_131\bin\javaw.exe

·        Architecture :- x86_64

o   C:\Program Files (x86)\Java\jre7\bin\javaw.exe

·        Architecture :- x86

Folder :- Lib\security

Once we know the path to our JRE, we will navigate to the lib\security folder.

In our case the JRE path is C:\Program Files\Java\jre1.8.0_131.

The version number of Java is 1.8.0_131.  Major Version is 1.8.0 and minor version is 131.

Folder :- Lib\security – Files

 

Folder :- Lib\security – File – java.security

Original

Revised

Explanation

1.      Remove MD5 from the list of disabled Algorithms

2.      Data

o   Original

·        jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024

o   Revised

·        #jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024

 

From <https://enguyva.wordpress.com/2018/04/05/java-jnlp-error-weak-signature-algorithm-md5withrsa/>

 

Created with OneNote.