Several things to address here.
In the first step, renaming the files to their sha1 value and placing them in the wwwrootbes/bfmirror/downloads/sha1 folder should allow the server to skip downloading the files at all. I would check that you do have the correct download files, that the files’ sha1 values match the files’ content, and that the fixlet action references the correct sha1. A common scenario can happen when Oracle replaces the download binaries, and the fixlets may be out of date.
You can use the Bigfix-provided sha1.exe tool to check the files, or in the Fixlet Debugger use
(size of it, sha1 of it, sha256 of it) of file "c:\temp\myjavafile.exe" to check that it matches the expected values.
Part 2, when adding values to the DownloadWhiteList file, the values there are Regular Expressions, not string literals. I won’t be able to check mine until Tuesday, but the “.” Has a special significance as a wildcard character, and should be escaped via a backslash; “
*” has a special value as a repeater. So the values should look something like
The dots in the hostname are escaped so they are literal “.” characters, and after the trailing forwardslash “.*” acts as “any number of wildcard characters”.
But if you are getting a 404 error from the manual repo, that implies the server is trying to do the download - so it’s ok with the download whitelist.
Error 404 is “page not found”. Can you manually download the file from the IIS server? The Download Status pane in the action status should show the exact URL it is trying to download, can you try that download link manually? I’m not sure whether the client setting is supposed to have the trailing backslash included, so check whether it’s trying to download http://your.repo.server/installers//jre9.whatever.exe (with two slashes after the repo path)