1 Reply Latest reply on Nov 9, 2009 1:57 AM by phoffmann

    jre-6u17-windows-i586.exe & security certificate




      I've created a new software distribution package  to install Java Runtime Environment update 17. I've used command line

      /s AgreeToLicense=YES IEXPLORER=1 MOZILLA=1 REBOOT=Suppress JAVAUPDATE=0 which has worked on the previous versions.The target is to do a quiet installation without prompts for users and suppress the reboot.


      Now with the JRE6 update 17 things have changed. The command line in itself is working fine but users are getting the message: "revocation information for the security certificate for this site is not available". (see the attached screenshot). Users have to click Yes couple of times in order to get the installation completed. Otherwise the task will fail.


      I realize this isn't a Landesk issue but has anyone seen this behavior? I have also tried going through Security and Patch manager, right-click on the JREJDK_32bit_20091104_Manual vulnerability and selected repair as a scheduled task. The result is still the same.


      What needs to be done to avoid JRE user prompts during installation?

        • 1. Re: jre-6u17-windows-i586.exe & security certificate
          phoffmann SupportEmployee

          Well - the security alert is coming from Windows (I would think) - so it's responding to (global?) policy settings here - not quite UAC (User Access Control), but something similar.


          You could have a look at that - though if you've not had this in the past, the way I see it there's two possibilities (usually).


          A - Someone in your org has tightened the GPO's to be more secure, and Sun hasn't actually changed anything - but now you see this popup because of increased security. It will help finding out "whodunnit" (and specifically - WHAT they've changed) to figure out if this is (1) - necessary - and (2) - how it can/should be worked around/with.


          B - Your policies haven't changed, and Sun *DID* change something in the Java installer to comply more with a Microsoft BKM / something or other / thing (it's a technical term, honest).


          Based on experience, A is *usually* the more likely option, but that's just a rule of thumb (since you seem so far the only one to bring this up, I feel more confident with suspecting that something in your environment was changed).


          If it's the latter, you would have to check with Sun for how they'd recommend the automated installation to work now (they should be working on a BKM I'd hope).


          If you're in the "wonderful" position that no one will own up to changing something (or you can't find out otherwise), the way to try and figure this one out will be to see how you can work around this... that could be repackaging the package, with something like our "new" package builder, automating the install with AutoIT / WinBatch or something of the like)...?


          Hope this helps you along somewhat .


          - Paul Hoffmann

          LANDesk EMEA Technical Lead