-
-
Notifications
You must be signed in to change notification settings - Fork 21.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix: JAR files signed with the MD5 algorithm as unsigned (godot 3) #18627
Conversation
Context: Starting in April (2017), if a JAR file is signed with MD5, Oracle will treat it as unsigned (https://www.infoworld.com/article/3159186/security/oracle-to-java-devs-stop-signing-jar-files-with-md5.html) |
It seems SHA-1 is going to be deprecated too and this should use SHA256withRSA? (https://stackoverflow.com/questions/41878258/java-9-deprecating-sha1-certificates-or-another-issue-at-work) |
What's the status of this? |
I can see it's updated to use SHA256 now. |
Sorry, guys I been having problems with the apk installation because of a file named |
Thank you! |
This should probably be cherrypicked, since otherwise 3.0.x Android export would lack proper signage. |
should it be cherrypicked on 2.1 branch also? |
Cherry-picked into 3.0.3. |
Bugsquad edit: Fixes #8758