I have java applet in web application with Two-way SSL. Under IE11 and Java7u55 the applet pop ups Identification required. Please select certificate to be used for authentication. dialog box.
Is there any java plugin specification to explain that behavior? It Looks like the applet looses the ssl and try to recreate it again, doesn't it?
Java7u51 doesn't show this dialog box!
In applet's archive attribute I was setting the full path name to each JAR library (about 15).
The solution is to add codebase applet attribute to point the place where all JAR libraries reside.
Related
We have recently needed to change our SSL certificate on our server. Our consuming application has suddenly stopped working. I had presumed this was to do with Java's cacerts, and modified the program to import the new certificate to each client, the problem was not resolved.
When the application attempts to load the remote view (shown below) on the server, it simply loads a white page. I have tried loading the page through http:// and it seems to function, however the rest of the application (including the API) requires https, and subsequent calls to the API fail (images loaded through https are showing as broken within the app).
The website is functional, and when I access URL's being provided to the app, through my desktop browser they load without issue. The app is also functional when I run it in Debug mode, these issues only occur when I use the "Run" build mode.
I have tried creating a blank MAF application, hoping it was some caching issue, however this new app also cannot load the remote URI. I have done a clean build and have tested other remote URI's (they work). I feel as if there is an issue with Java somehow not accepting the new certificate. The first time I tried to load the website within Eclipse's browser, an error displayed along the lines of "certificate revocation information". I didn't pay much attention to this error and it provided the option to install the new certificate, after which the page loaded within eclipse's browser.
In Jdeveloper there is an option of Disabling the Application Transport Security as shown in the image.
Could you try disabling in your eclipse too, Kindly refer this doc https://wiki.eclipse.org/Jetty/Howto/Configure_SSL, this might do a little help :)
The issue seems to be due to the changed SSL certificate on your server.
Short answer:
There was no chain installed, I installed the provided ca-bundle file and updated the httpd.conf file to reflect the chain location and the app now works.
Long answer:
When our server dev installed the new certificate, he neglected to install the ca-bundle (certificate chain) provided by the CA. The site was working in a browser, I can only assume, because it has a more complete list of trusted CA's built in. My best guess is that MAF requires the chain to be installed and was failing some security test, or the chrome webview it uses did not have this CA on the trusted list.
I know a real Java Applet on a Website should be officially signed to work properly and have full access. I just want to test the functionality of a java applet on my localhost without buying a certificate. So the question to me is can a self signed Java Applet have full permissions if executed on the localhost?
Yes, but it might involve changing the security settings of the Java plug-in and the browser.
I'm trying to test a java applet that I'm working on, which is running on my VM. When I try to run it from any of my browsers in windows, I get the message "The Java security settings have prevented this application from running".
In the Java control panel, I've added the domain and the specific page to the list of site exceptions. I've imported the self-signed certificate and added it to the list of Trusted Authorities. I've also set the security level to Medium.
In the applet's manifest.mf file, I've got the codebase set to "*" (I initially had it set more specifically but made it lenient just to make sure that wasn't the issue).
I'm not sure what else to try in order to get this applet to run
It turns out the problem was with my manifest.mf file. I had changed the Codebase but not the Application-Library-Allowable-Codebase. Setting:
"Application-Library-Allowable-Codebase: *"
fixed my problem.
When I trying to run Java Applet it prompts Security Block which stops running applet in Firefox. Then I tried it on Chrome, same result.
How can I disable security in java?
Go and click on start button.
Type "Configure Java" and Enter.
Click on Security tab in Java Configure Panel window.
Set security level to Medium.
Click Apply, Ok.
Now you can run Java Applet in your browser.
If this is not working try to reinstall latest Java update in your computer.
Link for download java http://java.com/en/download/index.jsp
Hope this will help you. :)
You need to sign your applet so it could be trusted by the browsers either by issuing a certificate from one of the CAs supported by the browsers or sign it with a certificate which is trusted by your internal CA
I am using the SWT Browser Widget to load the image of a webcam-server via HTTPS. Sadly the webcam-server certificate is untrusted. I tried to 2 variants to load the image:
Browser.setHTML(String)
Load the image using HTML+JavaScript every second. This is the prefered way to avoid flickering. This works very fine for HTTP, if i have a HTTPS connection i will see noting at all except my alternative text.
Browser.setUrl(String)
Load the image by setting the URL every second. This causes massiv flickering because of the reload, wich is unacceptable. I tried this variant with all available SWT-Browsers. If i use SWT.WEBKIT or SWT.MOZILLA (XulRunner) i have no chance at all to get the image. An dialog pop up and tell me the certificate is untrusted with no option to accept it. If i use SWT.NONE the IE is used (i am on WinXP) and the pop-up dialog ask if i want to trust the cert, after pressing OK i can see the image.
Here at Stackoverflow i found: how-to-import-a-ssl-certificate-file-with-swt-browser.
But i unable to find the cert_override.txt in my XULRunner, and i am unable to find a download link for the Personal Security Manager (like many others) !
How can i allow the untrusted certificate, use variant 1 and XULRunner aka MOZILLA ? Is it possible to do it programmatically ?
cert_override.txt is located in the user's profile. On Windows the directory for XULRunner's user profiles is %APPDATA%\<vendor>\<product>\Profiles\<something>.default, on OS X /Library/Application Support/<product>/Profiles/<something>.default, on Linux ~/.<vendor>/<product>/Profiles/<something>.default. At runtime you can use nsIDirectoryService to locate the directory (ProfD is the key for this directory).
You can either write to the user's profile directly from your application or add a copy of cert_override.txt to your XULRunner application to be copied into all user profiles created (it would have to be put under defaults/profile/cert_override.txt in the XULRunner application directory). Note that the latter will only have an effect on new profiles being created, not on profiles that already exist.
Btw, the simplest way to create a cert_override.txt file would be accepting an untrusted certificate in Firefox and then copying the entry from the Firefox profile to the XULRunner profile.