Troubleshooting Erros during the Execution of Java Applets using the Java Network Launch Protocol (JNLP)
Below I want to show how we can solve some errors which can come up when trying to run some Java applets.
An applet is a program written in the Java programming language that can be included in an HTML page, much in the same way an image is included in a page. When you use a Java technology-enabled browser to view a page that contains an applet, the applet’s code is transferred to your system and executed by the browser’s Java Virtual Machine (JVM).
Source: https://www.oracle.com/java/technologies/applets.html
- Adding applications launched from the sites listed in the Exception Site List
- Unsigned application requesting unrestricted access to system
- Failed to validate certificate. The application will not be executed
- java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: OCSP response error: MALFORMED_REQUEST
- Links
Adding applications launched from the sites listed in the Exception Site List
In general to resolve the issues shown below first add all sites you want to launch the Java applet from to the Exception Site List in the Java Control Panel shown below.
Unsigned application requesting unrestricted access to system
The cause of the issue is that the upgrade package of JRE 1.8.0.351_b31 have disabled SHA-1 Signed JARs. Please refer the release notes of JRE8u351 for more details.
Remove the following line from the java.security file located in your Java installation path under lib\security to resolve the issue.
Locate the jdk.jar.disabledAlgorithms property and remove the red highlighted line with:
SHA1 denyAfter 2019-01-01
Finally it should looks like this.
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
DSA keySize < 1024, include jdk.disabled.namedCurves
Source: https://knowledge.broadcom.com/external/article/254772/webconsole-failed-to-run-with-java-updat.html
Failed to validate certificate. The application will not be executed
The issue is caused by JARs signed with SHA-1 algorithms that are restricted by default and treated as if they were unsigned, starting from the Oracle Java Version 8 Update 351.
Remove the following line from the java.security file located in your Java installation path under lib\security to resolve the issue.
Locate the jdk.certpath.disabledAlgorithms property and remove the red highlighted line with:
SHA1 usage SignedJAR & denyAfter 2019-01-01
Finally it should looks like this.
jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \
include jdk.disabled.namedCurves
Source: https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0101395
java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: OCSP response error: MALFORMED_REQUEST
The cause of this problem that occurs abruptly is unknown but is most likely due to a network issue from the Company Network to the OCSP servers of the Certificate Authority.
Source: https://knowledge.broadcom.com/external/article/277328/univiewer-webconsole-cannot-start-with-o.html
Links
Java Network Launch Protocol
https://docs.oracle.com/javase/tutorial/deployment/deploymentInDepth/jnlp.htmlApplets
https://www.oracle.com/java/technologies/applets.htmlUniviewer Webconsole cannot start with OCSP response error: MALFORMED_REQUEST Certificate issue
https://knowledge.broadcom.com/external/article/277328/univiewer-webconsole-cannot-start-with-o.htmlWebconsole failed to run with Java updated to 1.8.0_351-b31
https://knowledge.broadcom.com/external/article/254772/webconsole-failed-to-run-with-java-updat.html
