Home     Products      Support      Corporate     Sign In 
Support Knowledge Base, Article 82
Product
JFile
Version
1.x
Title
VeriSign Code Signing IDs for Netscape Expire on 12/31/99
Problem
VeriSign Code Signing IDs for Netscape Object Signing currently work with Netscape version 4.0x browsers. However, the Root CA embedded in Netscape Navigator 4.01 to 4.05 is set to expire on 12/31/99. Users of these browsers will not be able to successfully download applications signed with Netscape Object Signing IDs, and will encounter a dialog box stating "SmartUpdate failed; JAR archive failed security check. Issuer certificate is invalid."

Research indicates that less than 4 percent of all browser users will be affected.

The situation does not affect Microsoft Internet Explorer browsers.

Solution

Encourage Netscape users to upgrade to Netscape 4.7.
  • Link your users to http://home.netscape.com/computing/download/, where they can download Netscape 4.7 for free. For users with slower Internet connections, Netscape Communicator 4.7 is available on CD for $4.95: see http://cd.netscape.com/4.7/.
  • Post upgrading tools on your site. For sites secured by VeriSign Code Signing IDs for Netscape Object Signing, VeriSign and Netscape have created a number of tools for Web masters to help users of affected Netscape browser versions upgrade by December 31, 1999. These tools are quick and easy to implement, and are already in use at a number of leading financial and e-commerce sites. VeriSign and Netscape strongly encourage you to put one or more of the following tools on your Web site:

    1. THE BROWSER SECURITY UPGRADE TOOL: This simple JavaScript automatically checks the security status of your visitors' browsers. If an affected Netscape browser is detected, the tool opens a new browser window and offers upgrade instructions to help browser users download the newest version of Netscape's browser (4.7).
      Go to http://www.verisign.com/server/cus/rootcert/codesigning.html, where you'll find the link to download the Browser Security Upgrade tool to run on your site.

    2. BROWSER UPGRADE BUTTON: This tool is similar to the Browser Security Upgrade Tool. However, this version does not automatically open a new browser window. Instead, it produces an "Upgrade Your Browser" button if, and only if, it detects an affected Netscape browser. The tool and instructions for installing the Browser Upgrade Button are included with the Browser Security Upgrade tool at http://www.verisign.com/server/cus/rootcert/codesigning.html

  • For users who don't upgrade, here is a sample message you may wish to post on your site after December 31, 1999: "Did you encounter a message stating 'Smart Update failed: Jar archive failed security check. Issuer certificate is invalid.' when you tried to download our application? If you are using a Netscape browser, version 4.01 to 4.05, you will not be able to download this application successfully. You must first upgrade your browser."
If after reviewing the information linked to above, you have specific questions about root CA certificate rollover, e-mail CA-rollover@verisign.com, or call Verisign Customer Service at 650-429-3400.
Created : 12/1/2002 12:00:00 AM (last modified : 8/22/2002 11:26:34 AM)
Rate this article!
 
Comments