Attempting import packages during software resource creation fails due to a change in Java security
Last Updated April 23, 2018
Starting with Java 7 update 51 an increase in security has been made to make user systems less vulnerable to external exploits. This change prevents applications from running that are Unsigned, Self Signed and applications that are missing permissions attributes. Attempting to create software resources, specifically during the import phase of the process, cannot be finished successfully. It should be noted that this same behavior has been seen with Java 7 update 45.
The versions of the console affected are 7.1 SP2 MP 1.1 all the way up to rollup v8 as well as 7.5 HF 2.
MP = Maintenance Pack
HF = Hot Fix
Java applications are blocked by your security settings
Missing Application-Name Manifest attribute
Missing required Permissions manifest attribute in main jar
As was stated above this is a result of increased security in the new Java applet. The new applet will not allow nested main jar files, resulting in the failure.
Note: This issue may be present with all versions of Java 7 beyond Update 45 due to the security changes that have been made.
For version 7.5 the fix has been included in 7.5 HF3, which can be installed via Symantec Installation Manager.
If the problem persists or an update to these versions is not possible, the following solution may resolve the issue.
There are multiple solutions depending on the situation. In a 7.1 environment running update 45 there are two solutions:
1. Update to Java 7 update 51 and follow the subsequent steps:
a. Open the Java Control Panel
b. Click on the "Security" tab
c. Click the "Edit Sites List" button
d. Add the URL that Java is attempting to access. You can confirm which URL by loading the Java console and performing an import.
If doing this from a workstation the Fully Qualified Domain Name (FQDN) should be used. If being performed from the SMP then http://localhost/altiris/softwaremanagement/dialogs should be used. This can be confirmed by following sub-step b above. If the server is setup to use SSL then https must be used. Also note that this workaround must be performed for each profile that is on the computer is more than one user is going to be using their credentials.
Another preemptive step that should be taken is to remove any cached URLs referencing "packagedefinition.jar". To do this:
1. Load the Java console
2. Under the "General" tab beneath "Temporary Internet Files" click "View"
3. Delete any version of the URL referencing "packagedefinition.jar" that is older than the install date of Java 7 u51.
Imported Document ID: TECH214272
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe