We're using the XA integration library provided as part of the MSSQL JDBC driver.
In the MSSQL log, we observe the following message:
Failed to verify the Authenticode signature of 'C:\Program Files\Microsoft SQL Server\MSSQL13.MSSQLSERVER\MSSQL\Binn\SQLJDBC_XA.dll'. Signature verification of SQL Server DLLs will be skipped. Genuine copies of SQL Server are signed. Failure to verify the Authenticode signature might indicate that this is not an authentic release of SQL Server. Install a genuine copy of SQL Server or contact customer support.
The version of MSSQL is:
Microsoft SQL Server 2016 (SP1) (KB3182545) - 13.0.4001.0 (X64) Oct 28 2016 18:17:30 Copyright (c) Microsoft Corporation Developer Edition (64-bit) on Windows Server 2012 R2 Standard 6.3 <X64> (Build 9600: ) (Hypervisor)
Looking at the digital signature of the SQLJDBC_XA.dll in question, it appears to have a valid trust path. The package has been downloaded from the Microsoft site here: https://learn.microsoft.com/en-us/sql/connect/jdbc/release-notes-for-the-jdbc-driver?view=sql-server-ver15#82
The specific version we're using is the x64 8.2.2 release. The validity period of the Authenticode signature ends 5/2/2020, and I assume that this is what is triggering this warning. However, the other components in the Binn directory of the MSSQL 2016 installation have Authenticode signatures with long-expired validity periods as well.
What is the reason for the warning, and how should it be resolved?