diff --git a/src/share/classes/sun/security/tools/JarSigner.java b/src/share/classes/sun/security/tools/JarSigner.java
index 4d0e032819e8b59c107c64bab7dccb2a600bb0bb..2692a515a832cacf5c7e4e7c3f3767996999c8ca 100644
--- a/src/share/classes/sun/security/tools/JarSigner.java
+++ b/src/share/classes/sun/security/tools/JarSigner.java
@@ -1238,10 +1238,13 @@ public class JarSigner {
                 // Provide a helpful message when TSA is beyond a firewall
                 error(rb.getString("unable.to.sign.jar.") +
                 rb.getString("no.response.from.the.Timestamping.Authority.") +
-                rb.getString("When.connecting.from.behind.a.firewall.then.an.HTTP.proxy.may.need.to.be.specified.") +
+                rb.getString("When.connecting.from.behind.a.firewall.an.HTTP.or.HTTPS.proxy.may.need.to.be.specified.") +
                 rb.getString("Supply.the.following.options.to.jarsigner.") +
-                "\n  -J-Dhttp.proxyHost=<hostname> " +
-                "\n  -J-Dhttp.proxyPort=<portnumber> ", e);
+                "\n  -J-Dhttp.proxyHost=<hostname>" +
+                "\n  -J-Dhttp.proxyPort=<portnumber>\n" +
+                rb.getString("or") +
+                "\n  -J-Dhttps.proxyHost=<hostname> " +
+                "\n  -J-Dhttps.proxyPort=<portnumber> ", e);
             }
 
             sfFilename = sf.getMetaName();
diff --git a/src/share/classes/sun/security/tools/JarSignerResources.java b/src/share/classes/sun/security/tools/JarSignerResources.java
index c3d8a6e38ec0ad0e99c0936edde23864fb0d2b45..cfa83abe6a0b5c97b36f9a7f8e640fca8b575ed5 100644
--- a/src/share/classes/sun/security/tools/JarSignerResources.java
+++ b/src/share/classes/sun/security/tools/JarSignerResources.java
@@ -182,10 +182,11 @@ public class JarSignerResources extends java.util.ListResourceBundle {
         {"TSA.certificate.", "TSA certificate: "},
         {"no.response.from.the.Timestamping.Authority.",
                 "no response from the Timestamping Authority. "},
-        {"When.connecting.from.behind.a.firewall.then.an.HTTP.proxy.may.need.to.be.specified.",
-                "When connecting from behind a firewall then an HTTP proxy may need to be specified. "},
+        {"When.connecting.from.behind.a.firewall.an.HTTP.or.HTTPS.proxy.may.need.to.be.specified.",
+                "When connecting from behind a firewall an HTTP or HTTPS proxy may need to be specified. "},
         {"Supply.the.following.options.to.jarsigner.",
                 "Supply the following options to jarsigner: "},
+        {"or", "or"},
         {"Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the",
                 "Certificate not found for: {0}.  {1} must reference a valid KeyStore entry containing an X.509 public key certificate for the Timestamping Authority."},
         {"using.an.alternative.signing.mechanism",