LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Java Applets Run Through Security Warnings Only (https://www.linuxquestions.org/questions/linux-software-2/java-applets-run-through-security-warnings-only-4175543516/)

Klaipedaville 05-25-2015 04:09 AM

Java Applets Run Through Security Warnings Only
 
Hello there,

My question may not be really Linux related, it's just partially Linux related so..

That's how it appears. First, when I restore all Java prompts, I get the message that the publisher name is verified and the digital signature for this application was generated with a certificate from a trusted authority. This is just a regular message when you click on "more information". The applet is started, everything works fine up to this moment. Then when I press "run" that is to actually run the Java applet I instantly get another message that already says, "The publisher name is unknown. There is no digital signature for this application." When a half of a second earlier it said just the contrary! Now in order to get to the applet I always have to click through this security warning message. Anybody has any ideas what's going on? It happens on all the major latest browsers such as FF, IE, Chrome, Opera, and Safari. I tried completely re-installing Java, browsers' and Java's caches cleaned / uncleaned but no joy. I of course tried it with and without the exception sites list but still no dice either.

The only thing I could realize is that the only trouble when that could happen is when the CA root / intermediate certs are not in your keystore when the applet /.jar is signed but then again if it had not been signed with the CA added then it would have never worked at all in the first place which is not the case here because it always says in my first message that the publisher is verified and it is signed by a trusted authority. I am totally clueless... Would appreciate any comments / assistance / advices.. anything at all. Many thanks!

MensaWater 05-26-2015 01:36 PM

Some web pages pull in content from other web pages and it is the content from the other web page that isn't verified rather than the initial lookup. I saw similar issue back in March on one of our hosted sites.

Klaipedaville 05-27-2015 04:35 AM

Quote:

Originally Posted by MensaWater (Post 5367720)
Some web pages pull in content from other web pages and it is the content from the other web page that isn't verified rather than the initial lookup. I saw similar issue back in March on one of our hosted sites.

Hey MensaWater!

Thank you for posting and sharing! I appreciate.

I will dig through further on just to take a look if there might be anything like that on my server. However, I doubt it could be it in my case. I am in constant contact with the Applet's developer (I also checked the code myself) and there is nothing there that could possibly fetch something else from the other web page. I developed the page myself so there is nothing extra in my code there as well that could bring this behavior up. I also own the dedicated server where it is all hosted and I am 100% sure the server is running fine. Nonetheless, this little problem is still there.

I've recently discovered that the latest Java (8u45) just didn't work right in this configuration, if anybody is interested to know. I tried flushing Java down to a few earlier updates and it worked well the same second I went for this earlier Java version. Weird.

Anyway, Java is dead for its 3 billion bugs and vulnerabilities and our good old JavaScript + HTML5 is a perfect substitute. Therefore for the time being I will stick with the earlier version of Java (8u31) that works OK as it's only a temporary short-term solution that will not be there for long. Plus, I use it for quick personal and rare short-connection purposes only as nowadays keeping Java on your machines is a security suicide. :-)


All times are GMT -5. The time now is 06:30 AM.