Temurin-build: Warning from Symantec Endpoint Protection Download Insight running jdk8 java.exe
When running the AdoptOpenJDK Java 8 builds on Windows, Symantec Endpoint Protection Download Insight identifies java.exe as a 'Security Risk' and pops up a Window claiming that it is
- 'Unproven': There is little evidence that this file is trustworthy
I am unable to suppress the pop ups because the Symantec settings are set by my employer.
Is there something which can be added to the build to make java.exe 'trustworthy'?
lumpfish
All 4 comments
so this is how the code signing works, Microsoft now needs more than just codesigning to trust files (it also relies on quantity of downloads) Hopefully this will stop being an issue soon!
See https://github.com/AdoptOpenJDK/openjdk-build/issues/161 for a solution
gdams
on 10 Oct 2017
Presumably that means that the number of downloads will start from zero for each new (e.g. nightly) build?
lumpfish
on 10 Oct 2017
no it's actually about the number of times that certificate is found on Windows machines so in time it will be more trusted
gdams
on 10 Oct 2017
With the latest build download I now just get one popup with a count of many times the 'risk' has occurred many popups which is much more manageable. Closing this issue.
lumpfish
on 10 Oct 2017
Related issues
mstoodle
·
3Comments
sophia-guo
·
6Comments
gdams
·
4Comments
pshipton
·
4Comments
ChristianCiach
·
7Comments
Most helpful comment
With the latest build download I now just get one popup with a count of many times the 'risk' has occurred many popups which is much more manageable. Closing this issue.