I have an InstallShield project which, among other things, installs JRE 7u51 by simply calling: jre-7u51-windows-i586.exe /s
When deploying this setup on a vCloud-based virtual machine, we receive the notorious ‘revocation information for the security certificate for this site is not available’.
The reason, as it turned out, is that the jre installer attempts to query a certain web site in order to validate the certificate revocation status of the Java Auto-Updated; and, since the requests comes from a vCloud machine, the web site tries to return the answer to the internal IP, while the server is only accessible through its external IP.
Since we don’t want the auto-update feature anyway (some of our customers are not even connected to the Internet), the solution was to disable auto-updating all together. This is achieved by installing jre with certain MSI parameters.
But here’s another caveat – the jre exe installer does not pass parameters to the MSI when using /v … hence, the solution must be to use the msi directly. Here is how to do it:
1. Run the usual jre installation. While running (or afterwards), open the following folder: %USERPROFILE%\AppData\LocalLow\Sun\Java
2. In that folder, copy the jre1.7.0_51.msi and Data1.cab to another location
3. Change your installation script to deploy jre using the command:
msiexec /i jre1.7.0.msi AUTOUPDATECHECK=0 IEXPLORER=1 JAVAUPDATE=0 JU=0 MOZILLA=1 /qn ALLUSERS=2
4. Test the installation. You should now have no auto-update, and no certificate revocation warning.