KingDixon

Reputation: 41

Lose JRE 7 Security Alerts and Warnings

I have a server with JRE 6 installed. I used to run an applet from the browser with no problems.

Then I updated to JRE 7. Now the applet gives 4 warning windows, and the console shows warnings about missing lines in the manifest file, but after accepting all the warnings it worked OK.

I wanted to lose the warnings, so I first tried to modify the manifest file, thinking that would resolve it. Since modifying the manifest file, the manifest warnings in the console no longer show, but the 4 security prompts are still there.

Normally I self-sign the jar. After searching for a while, I found that it is something about the certificate: it must have a valid certificate.

I used a keytool command generated on the DigiCert website to produce a certificate file and a JKS file.

I tried to add the certificate through the Java Control Panel and it asks for the keystore password, but whenever I enter the password that I used while creating the certificate, it says wrong password.

After searching for some time, I read a suggestion to add the certificate to either the Windows certificates or the Internet Explorer certificates and then export it, but when I try to add the certificate to either of them it says unrecognized file.

I imported the certificate into cacerts, which I read is the Java trusted keystore, but the applet still produces 4 security prompts before running.

I removed one of the security prompts by hiding the mixed code warning from the Java Control Panel.

But there are still 3 warnings.

I have been trying for some time, so are there any suggestions or explanations so that I can understand better?

Upvotes: 0

Views: 423

Answers (1)

Jorge_B

Reputation: 9872

There have recently been security concerns about client-side Java code execution. Because of this, the latest versions of JRE 7 tend to be extra careful with everything they execute, especially self-signed applets and the like.

Those security warnings will disappear when you provide an applet/Web Start/whatever client-side Java executable code signed with a valid certificate that is trusted by the client.

If you are in a corporate environment with an IT and/or security team, ask them for the right corporate certificate to sign your application with (it will probably be already trusted on the client workstations).

If you are deploying a client-side Java component to be used widely, you will need to sign it with a widely trusted certificate (here I cannot actually guide you... maybe you can get one from Thawte?).

Upvotes: 1
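An added example, not part of the question or the answer: a pre-deployment check that reports whether a jar carries signature entries and which manifest attributes are absent. It assumes the "missing lines" in the question are the `Permissions`, `Codebase` and `Application-Name` attributes that JRE 7 updates look for; the sample jar builder and its entry names are constructed for illustration.

```python
import io
import zipfile

# Assumption: these are the manifest attributes the JRE 7 console warned about.
EXPECTED_ATTRS = ("Permissions", "Codebase", "Application-Name")
SIG_BLOCK_EXTS = (".RSA", ".DSA", ".EC")

def parse_main_attributes(manifest_bytes):
    """Return the main manifest section as {lowercased name: value}."""
    attrs, last = {}, None
    for line in manifest_bytes.decode("utf-8", errors="replace").splitlines():
        if line == "":
            break  # a blank line ends the main section
        if line.startswith(" ") and last:
            attrs[last] += line[1:]  # continuation of a wrapped value
            continue
        name, sep, value = line.partition(": ")
        if sep:
            last = name.lower()  # attribute names are case-insensitive
            attrs[last] = value
    return attrs

def audit_jar(jar_file):
    """Report signing entries and missing manifest attributes for one jar."""
    with zipfile.ZipFile(jar_file) as jar:
        names = jar.namelist()
        manifest = jar.read("META-INF/MANIFEST.MF") if "META-INF/MANIFEST.MF" in names else b""
    meta = [n.upper() for n in names if n.upper().startswith("META-INF/") and n.count("/") == 1]
    attrs = parse_main_attributes(manifest)
    return {
        "has_signature_file": any(n.endswith(".SF") for n in meta),
        "has_signature_block": any(n.endswith(SIG_BLOCK_EXTS) for n in meta),
        "missing_attributes": [a for a in EXPECTED_ATTRS if a.lower() not in attrs],
        "permissions": attrs.get("permissions"),
    }

def build_sample_jar(manifest_text, signed):
    """Constructed in-memory jar; signature entries are placeholders, not real signatures."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", manifest_text)
        jar.writestr("Applet.class", b"\xca\xfe\xba\xbe")
        if signed:
            jar.writestr("META-INF/SIGNER.SF", "Signature-Version: 1.0\r\n")
            jar.writestr("META-INF/SIGNER.RSA", b"placeholder")
    return io.BytesIO(buf.getvalue())
```

This only checks that signature entries exist; it does not validate the signature or whether the client trusts the certificate chain, which `jarsigner -verify` and the client's trust store decide.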
