Using signed jar files

In a Java SE environment, Derby can detect digital signatures on jar files. When attempting to load a class from a signed jar file stored in the database, Derby will verify the validity of the signature.

Note: The Derby class loader only validates the integrity of the signed jar file and verifies that the certificate has not expired. Derby cannot ascertain whether the validity or identity of declared signer is correct.

When loading classes from an application jar file in a Java SE environment, Derby behaves as follows if the class is signed:

For more information about signed jar files, see http://docs.oracle.com/javase/8/docs/technotes/guides/jar/jar.html.

Related concepts
Basic security configuration tasks
Configuring database encryption
Configuring SSL/TLS
Understanding identity in Derby
Configuring user authentication
Configuring user authorization
Restricting file permissions
Putting it all together