Replacing the Java Code Signing Certificate on the ASA 55xx VPN/Firewall Appliance

Hi,
basically I am trying to achieve what's documented in
http://www.cisco.com/en/US/docs/security/asa/asa80/release/notes/asarn80.html#wp242704
(using ASDM: "crypto ca import" = Remote Access VPN -> Certificate Management -> Code Signer -> Import)
I give it a complete PKCS12 bundle (unencrypted private key + certificates up to the root CA) to the ASA.
I can indeed verify that it has been imported correctly by exporting it again:
crypto ca export CodeSignerBundle pkcs12 1234
It shows me the private key and all the certificates.
However, the jars used in WebVPN, while carrying the correct certificate, don't have a full certification chain at their disposal:
Using jarsigner -verify I see on a random file from the jar:
sm       905 Fri Nov 30 00:00:00 CET 1979 Java/lang/CpUtf8.class
      X.509, CN=COMMONNAME, O=ORGANIZATION, L=LOCATION, ST=STATE, C=COUNTRY
      [certificate is valid from 8/1/13 4:30 PM to 8/1/16 4:30 PM]
      X.509, CN=LuxTrust Qualified CA, O=LuxTrust S.A., C=LU
      [certificate is valid from 6/5/08 11:25 AM to 10/18/16 12:40 PM]
      [CertPath not validated: Path does not chain with any of the trust anchors]
Indeed the certificate file inside the jar (META-INF/.....RSA) does not contain what I uploaded to the ASA. One of the intermediary certificates is missing (while another certificate is listed twice).
What could be the problem here? (ASA v8.2(5))
Thanks for any help,
Marki

It may be that a ip address pool is not assigned to the default webvpn group:
tunnel-group DefaultWEBVPNGroup general-attributes
address-pool testpool

Similar Messages

How to use Java code signing certificate in oracle 11i

Hello,
I am try to configure java code signing certificate in 11.5.10.2 application. we got java sign certificate from verisgin. SA's imported the certificate and created alias XXX_XXX with password and passphrase.
I am able to see the my certificate. keytool -list -v -keystore xxx_xxxx.jks -storepass Password.
how do I use it. I am using Enhance Jar Signing for EBS DOC ID 1591073.1.
could you please give me some advice on it?
Thanks
Prince

Hussien,
I find out apps keystore keypassword and storepassword, I imported the java code sign certificate. I generated Jar files through adadmin, but I am getting warning error
adogif() unable to generate Jar Filers under JAVA_TOP.
executing /usr/jdk/jdk1.6.0_45/bin/java sun.security.tools.JarSigner keysotre **** -sigfile CUST Signer /apps/......
Error JarSigner subcommand Exited With status 1.
No standard output from jarsigner JarSigner error output: Exception in thread "main" java.lang.NoClassDefFoundError: sun/security/tools/JarSigner Caused by: java.lang.ClassNotFoundException: sun.security.tools.JarSigner at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) Could not find the main class: sun.security.tools.JarSigner. Program will exit. WARNING: The following path(s), defined in /apps2/property/product/tst/appl/cz/11.5.0/java/make/czjar.dep as elements of the output: oracle/apps/cz/runtime/tag WARNING: Copying cztag.lst from the old fndlist.jar ... About to Analyze flmkbn.jar : Fri Nov 22 2013 10:45:51
Please let me know if you have any idea. Thanks Prince

Specifying Schema Location in XML file and not in the Java code

I have a repository of schema xsd files. When I receive my xml file, I need to validate it against the specified schema. The xml file would declare the schema location, using the following syntax:
<CERD:CERD xsi:schemaLocation = "..\CERD.xsd" xmlns:CERD = "CERD.xsd" xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance">
Is it really necessary to define the schema location again in the JAVA code? Why set the schemaLocation in the xml file at all then?
Does anybody have any examples where the schema location is not set in the JAVA code? I am using Java 1.6, and at this point in time I only need to validate. Any help would be appreciated.

Thank you very much for your quick reply. I have made some progress but I am still stumped.
In my code I am doing this:
SchemaFactory factory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
Schema schema = factory.newSchema();
Validator validator = schema.newValidator();
validator.validate(XML_SOURCE);
I find this works if my schema does not have a target namespace. I have downloaded the following simple example from the internet that uses a target namespace and it fails:
library1.xsd:
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
targetNamespace="http://example.org/prod"
xmlns:prod="http://example.org/prod">
<xsd:element name="product" type="prod:ProductType"/>
<xsd:complexType name="ProductType">
<xsd:sequence>
<xsd:element name="number" type="xsd:integer"/>
<xsd:element name="size" type="prod:SizeType"/>
</xsd:sequence>
<xsd:attribute name="effDate" type="xsd:date"/>
</xsd:complexType>
<xsd:simpleType name="SizeType">
<xsd:restriction base="xsd:integer">
<xsd:minInclusive value="2"/>
<xsd:maxInclusive value="18"/>
</xsd:restriction>
</xsd:simpleType>
</xsd:schema>
<prod:product xmlns:prod="http://example.org/prod"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="library1.xsd"
effDate="2001-04-02">
<number>557</number>
<size>10</size>
</prod:product>
I get the following SAXParseException when I validate:
[line 4, col 36|
cvc-elt.1: Cannot find the declaration of element 'prod:product'.
Am I doing something wrong with the namespace declaration?
Edited by: alfredamorrissey on Oct 31, 2007 6:34 AM

Renew code signing certificate mountain lion server

Hello to all
Can you please let me know if there is a way to renew the self code signing certificate for server WITHOUT re enroll all devices?
We have 500 iPads enrolled and the code signing certificate expires in 2 weeks...
So it's really critical not to re enroll all devices .
Is there any way to do this?
Thank you for you help.

When I put this in I am just getting the following response
Usage: certadmin
    --get-private-key-passphrase [path]
      Retrieve the passphrase for the private key at [path] from the keychain
    --default-certificate-path
      Retrieve the full path for the default certificate
    --default-certificate-authority-chain-path
      Retrieve the full path for the default certificate authority chain
    --default-private-key-path
      Retrieve the full path for the default private key
    --default-concatenation-path
      Retrieve the full path for the default certificate + private key concatenation
    --create-default-self-signed-identity
      Creates a default self signed identity (certificate + private key) using the hostname
    --recreate-self-signed-certificate subject serial_number
      Recreate an existing self signed certificate
    --recreate-CA-signed-certificate subject issuer serial_number
      Recreate an existing certificate signed by an OpenDirectory CA
where you have "192173c1c is this meant to be the serial number?

Managing Windows Phone's and Symantec Code Signing certificate

Hi,
We need to renew the code signing certificate from Symantec. However, we only use it to manage the Windows Phone devices and don't publish apps. Do we still need to spend $300 on renewing this cert? Can't I manage them for free like our iOS and Android devices?

You REQUIRE the Symantec Code Signing Certificate to manage Windows Phones via Windows Intune. This is a requirement of the device rather than the management solution.
You CAN manage Windows Phones without this cert using only Exchange active sync management in Intune. However this management is very basic and has no advanced features (basically the features provided by Exchange rather than Intune).
Gerry Hampson | Blog:
www.gerryhampsoncm.blogspot.ie | LinkedIn:
Gerry Hampson | Twitter:
@gerryhampson

Adobe code signing certificate revocation and SCCM

We have many install packages for different Adobe products in SCCM 2007 but nothing that would have been obtained or downloaded from Adobe since July 10, 2012. Does that mean we don’t have to do anything? Is that a correct interpretation of your statements about the Adobe code signing certificate revocation issue?

Yes. That's correct.

Lion Server: Why is our Code Sign Certificate not accepted ?

Hello,
our Lion Server (10.7.5) is running fine, but since we restored it from a back-up Profile Manager no longer accepts the Code Signing certificate despite the fact that it is shown as valid in Server App's Manage Certificates.
I tried everything from deleting the device manager postgrep db, and restoring it as described in
https://discussions.apple.com/thread/3791994?start=0&tstart=0
Backup and delete db:
sudo pg_dump -U _postgres -c device_management > $HOME/device_management.sql
/usr/share/devicemgr/backend/wipeDB.sh
Restore the db :
sudo serveradmin stop devicemgr
sudo serveradmin start postgres
sudo psql -U _postgres -d device_management -f $HOME/device_management.sql
sudo serveradmin start devicemgr
I tried to recreate the Code Sign certificate as described in:
http://support.apple.com/kb/HT5358
The certificate is successfully created but it is just NOT accepted. (It does not show in the "Sign Configuration Profiles" dialog)
I would be very, very grateful for a hint.
(When running the server from the external clone, from which we copied the server back, the problem is not present)
Regards,
Twistan

This also applies to the 470 IDES install!
Any ideas?
Tx JB

"Invalid Provisioning Profile. The provisioning profile included in the bundle {BUNDLENAME} [{BUNDLENAME}.app] is invalid. [Missing code-signing certificate.]" for brand new, vanilla Mac App

In OS X Maverick's XCode, I created a brand new Mac > "Cocoa Application", with Core Data and Spotlight Importerl; about as vanilla a Cocoa application I could muster.
Under Preferences > Accounts, I signed in to my Mac Developer Account.
In Targets > Identity, I set Signing to "Mac App Store", and was able to select my Mac Developer Account for "Team".
I then went to Product > Clean, and then Product > Build for... > Running, and then Produt > Archive.
In the Organizer, I select the resulting .app and click "Validate", and hit the Mac App Store radio, and hit "Next", and it's able to log into my Mac Developer Account.
I select my Provisioning Profile in the dropdown, and click "Validate".
It comes back with several errors:
1 - "Invalid Provisioning Profile. The provisioning profile included in the bundle {BUNDLENAME} [{BUNDLENAME}.app] is invalid. [Missing code-signing certificate.] For more information, visit the Mac OS Developer Portal."
2 - "The bundle identifier cannot be changed from the current value, '{DIFFERENT-BUNDLE-FROM-OTHER-PROJECT}'. If you want to change your bundle identifier, you will need to create a new application in iTunes Connect.
3 - Invalid Code Signing Entitlements. The entitlements in your app bundle signature do not match the ones that are contained in the provision profile. The bundle contains a key that is not included in the provisioning profile: 'com.apple.applications-identifier' in '{BUNDLENAME}.app/Contents/MacOS/{BUNDLENAME}'
I was able to do the same process before, for a vanilla app, before Mavericks. I'm not sure if this is a Mavericks error, or a fact that now I have multiple app projects. Particularly odd is that DIFFERENT-BUNDLE-FROM-OTHER-PROJECT in error (2) is not the same bundle name as the current project's bundle.
Would love any help you can provide! Thank you!

Seen this thread?
New codesign behavior, --deep option
"Code signing has some interesting changes in Mavericks (that apparently haven't made it into the release notes yet...). Note that this is a change to the operating system, not to the devtools."

The name ("common name") of a valid code-signing certificate in a keychain within your keychain path. A missing or invalid certificate will cause a build error. [CODE_SIGN_IDENTITY]

The name ("common name") of a valid code-signing certificate in a keychain within your keychain path. A missing or invalid certificate will cause a build error. [CODE_SIGN_IDENTITY]

If you could ask a coherent question, maybe...
Perhaps you should be posting in the developers forums...

Java security error after 8u31 (Timestamped Jarsigned Applet within valid period of Code Signing certificate)

Hello,
I have an applet running in embeddad systems. This program runs without any problem since 8u31 update! After this update it starts to give java security warning and stops running.
Here is the warning message:
"Your security settings have blocked an application signed with an expired or not-yet-valid certificate from running"
What it says is true; my Code Signing Certificate (CSC) is valid between 24 Jan 2014 and 25 Jan 2015. And it expired! However, while i was signing my applet with this certificate i used "timestamp". The authority i choosed was DigiCert. My signing date was 26 Jan 2014 (when my CSC was valid).
When i started to have this Java Security Error, first i thought i mis-timestamped my code, and check by using the jarsigner -verify command. Here is a partial result:
s      19607 Mon Jan 27 13:17:34 EET 2014 META-INF/MANIFEST.MF
      [entry was signed on 27.01.2014 13:19]
      X.509, CN=TELESIS TELECOMMUNICATION SYSTEMS, OU=ARGE, O=TELESIS TELECOMMUNICATION SYSTEMS, STREET=TURGUT OZAL BLV.NO:68, L=ANKARA, ST=ANKARA, OID.2.5.4.17=06060, C=TR
      [certificate is valid from 24.01.2014 02:00 to 25.01.2015 01:59]
      X.509, CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB
      [certificate is valid from 24.08.2011 03:00 to 30.05.2020 13:48]
      X.509, CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
      [certificate is valid from 07.06.2005 11:09 to 30.05.2020 13:48]
      X.509, CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
      [certificate is valid from 30.05.2000 13:48 to 30.05.2020 13:48]
sm       495 Thu Jan 23 14:55:22 EET 2014 telesis/WebPhone$1.class
As you may see the timestamp was correctly done. And it is in the valid period of CSC.
Than i started to check how Java confirms the Certificate, and found some flowcharts.
Here is an example from DigiCert:
Code Signature Verification Process
After the Web browser downloads the Applet or Web Start application, it checks for a timestamp, authenticates the publisher and Certificate Authority (CA), and checks to see if the code has been altered/corrupted.
The timestamp is used to identify the validation period for the code signature. If a timestamp is discovered, then the code signature is valid until the end of time, as long as the code remains unchanged. If a timestamp is not discovered, then the code signature is valid as long as the code remains unchanged but only until the Code Signing Certificate expires. The signature is used to authenticate the publisher and the CA, and as long as the publisher (author or developer) has not been blacklisted, the code signature is valid. Finally, the code is checked to make sure that it has not been changed or corrupted.
If the timestamp (or Code Signature Certificate expiration date) is verified, the signature is validated, and the code is unchanged, then the Web browser admits the Applet or Web Start application. If any of these items do not check out, then the Web browser acts accordingly, with actions dependent on its level of security.
So according to this scheme, my applet had to work properly, and without security warning.
However i also found that from Oracle, which also includes the timestamping authorities Certification validity period??? :
The optional timestamping provides a notary-like capability of identifying
when the signature was applied.
    If a certificate passes its natural expiration date without revocation,
trust is extended for the length of the timestamp.
    Timestamps are not considered for certificates that have been revoked,
as the actual date of compromise could have been before the timestamp
occurred.
source: https://blogs.oracle.com/java-platform-group/entry/signing_code_for_the_long
So, could anyone please explain why Java gives security error when someone tries to reach that applet?
Here is a link of applet: http://85.105.68.11/home.asp?dd_056
I know the situation seems a bit complicated, but i tried to explain as simple as i can.
waiting for your help,
regards,
Anıl

Hello,
I have an applet running in embeddad systems. This program runs without any problem since 8u31 update! After this update it starts to give java security warning and stops running.
Here is the warning message:
"Your security settings have blocked an application signed with an expired or not-yet-valid certificate from running"
What it says is true; my Code Signing Certificate (CSC) is valid between 24 Jan 2014 and 25 Jan 2015. And it expired! However, while i was signing my applet with this certificate i used "timestamp". The authority i choosed was DigiCert. My signing date was 26 Jan 2014 (when my CSC was valid).
When i started to have this Java Security Error, first i thought i mis-timestamped my code, and check by using the jarsigner -verify command. Here is a partial result:
s      19607 Mon Jan 27 13:17:34 EET 2014 META-INF/MANIFEST.MF
      [entry was signed on 27.01.2014 13:19]
      X.509, CN=TELESIS TELECOMMUNICATION SYSTEMS, OU=ARGE, O=TELESIS TELECOMMUNICATION SYSTEMS, STREET=TURGUT OZAL BLV.NO:68, L=ANKARA, ST=ANKARA, OID.2.5.4.17=06060, C=TR
      [certificate is valid from 24.01.2014 02:00 to 25.01.2015 01:59]
      X.509, CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB
      [certificate is valid from 24.08.2011 03:00 to 30.05.2020 13:48]
      X.509, CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
      [certificate is valid from 07.06.2005 11:09 to 30.05.2020 13:48]
      X.509, CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
      [certificate is valid from 30.05.2000 13:48 to 30.05.2020 13:48]
sm       495 Thu Jan 23 14:55:22 EET 2014 telesis/WebPhone$1.class
As you may see the timestamp was correctly done. And it is in the valid period of CSC.
Than i started to check how Java confirms the Certificate, and found some flowcharts.
Here is an example from DigiCert:
Code Signature Verification Process
After the Web browser downloads the Applet or Web Start application, it checks for a timestamp, authenticates the publisher and Certificate Authority (CA), and checks to see if the code has been altered/corrupted.
The timestamp is used to identify the validation period for the code signature. If a timestamp is discovered, then the code signature is valid until the end of time, as long as the code remains unchanged. If a timestamp is not discovered, then the code signature is valid as long as the code remains unchanged but only until the Code Signing Certificate expires. The signature is used to authenticate the publisher and the CA, and as long as the publisher (author or developer) has not been blacklisted, the code signature is valid. Finally, the code is checked to make sure that it has not been changed or corrupted.
If the timestamp (or Code Signature Certificate expiration date) is verified, the signature is validated, and the code is unchanged, then the Web browser admits the Applet or Web Start application. If any of these items do not check out, then the Web browser acts accordingly, with actions dependent on its level of security.
So according to this scheme, my applet had to work properly, and without security warning.
However i also found that from Oracle, which also includes the timestamping authorities Certification validity period??? :
The optional timestamping provides a notary-like capability of identifying
when the signature was applied.
    If a certificate passes its natural expiration date without revocation,
trust is extended for the length of the timestamp.
    Timestamps are not considered for certificates that have been revoked,
as the actual date of compromise could have been before the timestamp
occurred.
source: https://blogs.oracle.com/java-platform-group/entry/signing_code_for_the_long
So, could anyone please explain why Java gives security error when someone tries to reach that applet?
Here is a link of applet: http://85.105.68.11/home.asp?dd_056
I know the situation seems a bit complicated, but i tried to explain as simple as i can.
waiting for your help,
regards,
Anıl

Error MSB3323: Unable to find manifest signing certificate in the certificate store.

Problems began when I received the MSDN Final VS 2005 v8.0.50727.42 and uninstalled the RC build which I had worked with without issue and replaced it with the previously mentioned.
After four or so installs/uninstalls I got past the Invalid license data. Reinstall is required. http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=162712&SiteID=1
I have tested C++ project builds for managed and unmanaged code and both work without a problem. My C# projects however fail to build, the error I get is:
------ Rebuild All started: Project: D And P, Configuration: Release Any CPU ------
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Common.targets(1718,7): error MSB3323: Unable to find manifest signing certificate in the certificate store.
Done building project "D And P.csproj" -- FAILED.
========== Rebuild All: 0 succeeded, 1 failed, 0 skipped ==========
If anyone has any idea of what a next step is please let me know.

I got the same problem but I was tring to strong name my application. I was able to solve the problem by opening the XXX.csproj file in a text editor (notepad.exe) and remove the following tags from the XML.
<ManifestCertificateThumbprint>...</ManifestCertificateThumbprint>
<ManifestKeyFile>...</ManifestKeyFile>
<GenerateManifests>...</GenerateManifests>
<SignManifests>...</SignManifests>
It seem that someone (another member of my team) was playing with the OneClick stuff, but didn't check in the strong name key files he used. But did check in the project file.
Then when I created the new strong name key file and signed the EXE, something was out-of-sync with the above tags in the probject file and the new key file.
Removing these tags may be a bad thing (someone from MS will need to comment) but it worked for me.

Application failed code signing verification. The signature was invalid

Hi,
Earlier we have created iPhone app with adobe air and uploaded it to iOS store. Now we have updated the app and used a new .p12 file and it is generated from a new CSR file and created the build. But while uploading the build from application loader it is giving the following error.
"Application failed code signing verification. The signature was invalid contains disallowed entitlements or it was not signed with an iPhone distribution Certificate"
With the same certificate file we have uploaded two more apps developed in HTML5, jQueryMobile and Phonegap. These apps should not effect while we upload the Adobe air iPhone app.
Please help us to fix the issue.

I am fairly certain the issue is you are submitting an update to an existing app with a new cert. The other apps work just fine because they are not updates, but new submissions to the app store. You will need to use the same certs that you used with the initial submission.

Test.jsp not able to display the output from the java code.

when i try to invoke http://localhost/papz/test.jsp
I dont see anything. The page is blank. And there are no error messages in any log files. When i click on view source in IE i get to see the entire source code, including the jave code.
<html>
<head>
<title>Test</title>
<body>
<%
out.println("Hello World");
%>
asdfasdfasdf
</body>
</html>
i added in the asdfasdf to see whehter it will be printed or not... It does print that stuff out.
when i try to invoke the login.jsp page, i get the dialog box "save this file to disk"
Any clues whats going on...?
I followed the instructions...over and over again... but it doesnt seem to help.
win nt 4.0
apache 1.3.12
jserv 1.1.1
Pls help. Thanks

Hi,
Have you solved your problem?
I4m trying to do the same, but I installed portal 30, then portal to go, and when I try to run test.jsp I get the following error:
Request URI:/papz/test.jsp
Exception:
java.lang.NoSuchMethodError: oracle.jsp.util.JspUtil: method
stripTarget(Ljava/lang/String;C)Ljava/lang/String; not found
Thanks
Pablo Lopera
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by NewBie:
when i try to invoke http://localhost/papz/test.jsp
I dont see anything. The page is blank. And there are no error messages in any log files. When i click on view source in IE i get to see the entire source code, including the jave code.
<html>
<head>
<title>Test</title>
<body>
<%
out.println("Hello World");
%>
asdfasdfasdf
</body>
</html>
i added in the asdfasdf to see whehter it will be printed or not... It does print that stuff out.
when i try to invoke the login.jsp page, i get the dialog box "save this file to disk"
Any clues whats going on...?
I followed the instructions...over and over again... but it doesnt seem to help.
win nt 4.0
apache 1.3.12
jserv 1.1.1
Pls help. Thanks<HR></BLOCKQUOTE>
null

How to generate the java code of a table's data model by parsing it's FXML?

I have know how to create FXML file that describes a table. Meanwhile, according to [Oracle Tutorial|http://docs.oracle.com/javafx/2/fxml_get_started/fxml_tutorial_intermediate.htm#CACFEHBI], it is a best practice to implement a class that defines the data model and provides methods and fields to further work with the table.
However, It's rather cumbersome and time consuming to typing the code. So, is there any tools that can generate the java code of a table's data model by parsing it's FXML describe file?
Regards, Qinn
Edited by: 854675 on Oct 7, 2012 11:02 PM

I have know how to create FXML file that describes a table. Meanwhile, according to [Oracle Tutorial|http://docs.oracle.com/javafx/2/fxml_get_started/fxml_tutorial_intermediate.htm#CACFEHBI], it is a best practice to implement a class that defines the data model and provides methods and fields to further work with the table.
However, It's rather cumbersome and time consuming to typing the code. So, is there any tools that can generate the java code of a table's data model by parsing it's FXML describe file?
Regards, Qinn
Edited by: 854675 on Oct 7, 2012 11:02 PM

How to get the java code of the message mapping

how to get the java code of the message mapping,
I mean to ask how to get the background java code of the message mapping(graphical mapping).
And where to view it?

Hi Satya,
The JAVA code for graphical msg mapping is in below folder:
\usr\sap\<SID>\<DVEBMGS10>\j2ee\cluster\server0\temp\classpath_resolver
Here all the mapping jars are there in this folder.
Just decompile these jars and you can see the code.
Thanks,
Rajeev Gupta
Message was edited by:
RAJEEV GUPTA

Replacing the Java Code Signing Certificate on the ASA 55xx VPN/Firewall Appliance

Similar Messages

Maybe you are looking for