Reset Search
 

 

Article

KB14058 - Pulse Secure Code signing certificate expiry dates and release information

« Go Back

Information

 
Last Modified Date1/26/2017 10:28 PM
Synopsis
This article provides information about the expiry dates and release information of the Pulse Secure code signing certificate.
Problem or Goal
Pulse Secure uses a Code Signing certificate (issued by VeriSign), which is valid for three years. This code signing certificate is used to sign Pulse Secure's Active-X controls, Java Applets (including HOB Applet), and other binaries/exe's that are related to PCS device.

If you are running a version of PCS that has an expired certificate, then end users, who are running a JVM, will see a warning from the browser, when launching JSAM or using the Pulse Secure Setup applet (used by Java delivery to deliver the Pulse Secure client components such as Host Checker, WSAM, Network Connect, and so on).

Note: The expiration of Pulse Secure's code signing certificate does not affect customers that upload their own code signing certificate to sign the Pulse Secure Web Controls.  This setting is available under Admin UI > Configuration > Certificates > Code-Signing Certificates.
Cause
End users will receive the certificate expired prompt, when launching Network Connect, JSAM or HOB Applet on their client machine.  The following applets will utilize the code signing certificate associated with the build release below.  If the certificate has exceeded the expiration date, please upgrade to a build release with a current, valid certificate.
Solution
To avoid the warning message, upgrade to a version that has an unexpired code signing certificate. The following table lists the code signing certificate expiry dates and corresponding PCS version numbers:
 
Certificate ExpiringPCS / PPS versions
Expiring Jan 14, 2019Used in PCS 8.1R8 and higher (PPS 5.2R8 and higher, Pulse Secure Desktop 5.1R8 and higher), PCS 8.2R1 and higher (PPS version 5.3R1 and higher, Pulse Secure Desktop 5.2R1 and higher)

Note:  PCS 8.1R8 / PPS 5.2R and higher and PCS 8.0R15 / PPS 5.0R15 and higher will experience an expired certificate message for the Java version of the Pulse Secure Setup Client.  For more information, refer to KB40409 - After Jan. 23rd, 2017, Pulse Secure Setup client will be blocked by Java due to an expired or not-yet-valid certificate.
Expiring Oct 3rd, 2017Used in 8.2R1, Pulse 5.2R1 and C5.3R1
Expiring Jan 23rd, 2017Used in PCS 8.0R3 - 8.0R14 (PPS 5.0R3 to 5.0R14, Pulse Secure Desktop 5.0R3 - 8.0R14), PCS 8.1R1 - 8.1R7 (PPS 5.2R1 to 5.2R7, Pulse Secure Desktop 5.1R1 to 5.1R7) 
Expiring April 10th, 2015Used in PCS 7.1R9 and higher, 7.2R3 and higher (PPS version 4.2R3 and higher and Pulse Secure Desktop version 3.0R3 and higher), 7.3R1 - 7.3R10 (PPS version 4.3R1 and higher and Pulse Secure Desktop version 3.1R1 - 3.1R10), 7.4R1 - 7.4R9 (PPS OS version 4.4R1 and higher and Pulse Secure Desktop version 4.0R1 and higher), 8.0R1 - 8.0R3 PPS OS version 5.0R1 -5.0R3 and Pulse Secure Desktop version 5.0R1 -5.0R3)
Expiring March 30th, 2014Used in IVE OS 6.5R10 and higher, 7.0R7, 7.1R3 (UAC/IC OS version 4.1R3 and Pulse Desktop version 2.0R3)
Expiring November 23rd, 2012Used in PCS 6.3R8 and higher, 6.4R5 and higher, 6.5R3 to 6.5R9
Expiring November 24th, 2011Used in PCS 6.4R1 to 6.4R4, 6.3R5 to 6.3R7, 6.2R6 and higher, 6.1R8 and higher, 6.0R11 and higher
Expiring March 8th, 2010Used in PCS 6.3R1 to 6.3R4, 6.2R1.1 to 6.2R5, 6.1R1 to 6.1R7 and 6.0R1 - 6.0R10
Expired on March 28th, 2009Used in PCS 5.5R1, 5.4R1, 5.3R2, 5.2R4, 5.1R8, 5.0R6.1, 4.2R8.1 and higher


Workaround:

To workaround the issue, add the PCS / PPS URL to the Java exception list.  The instructions can be found at: https://www.java.com/en/download/faq/exception_sitelist.xml.
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255