Skip site navigation (1)Skip section navigation (2)
Date:      14 Jan 2003 10:35:50 +0100
From:      "Georg-W. Koltermann" <g.w.k@web.de>
To:        freebsd-java@freebsd.org
Subject:   Mozilla won't run signed java applet, with unknown certificate
Message-ID:  <1042536953.666.26.camel@hunter.muc.mscsoftware.com>

next in thread | raw e-mail | index | archive | help
Hi,

when I try to run the signed java applet example from SUN at
http://java.sun.com/security/signExample12/signedPluginEx.html ,
Mozilla (1.2b) loads the applet, then pops up an exception window
(transscribed manually, cut&paste did not work):

java.security.cert.CertificateException: Unable to verify the
certificate with root CA
at
sun.plugin.security.TrustDecider.isAllPermissionGranted(TrustDecider.java:150)
at
sun.plugin.security.PluginClassLoader.getPermissions(PluginClassLoader.java:124)
...

The same page works in Linux, also with Mozilla (1.2.1) on my
colleague's machine, it pops up a dialog to grant write permission to
the signed applet.

I've compared the Java version (1.3.1) and any security related files in
$JAVA_HOME/jre/lib/security, they are all the same.  The difference is
that my colleague uses Linux with the Linux browser and JDK, and I use
FreeBSD with the FreeBSD browser and FreeBSD native jdk (1.3.1p7).

I have also tried to explicitly import SUN's certificate from 
http://java.sun.com/security/signExample12/Duke.x509 using keytool. 
With the certificate imported, the applet DOES WORK.  It is just the
default behaviour that is different, with unknown certificates.  The
Linux version pops up the dialog asking the user, the FreeBSD version
throws the exception and fails.

Is there a way to configure this? Is it a difference in the Java ports?
In the Mozilla ports?

--
Regards,
Georg.






To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-java" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1042536953.666.26.camel>