Security settings blocked an app signed with an expired or invalid certificate
Application blocked by security settings error on Windows8 client OS
I checked the above question, but it didn't work for me to find another solution.
A few days ago, our code signing certificate for the applet expired. We updated it and I created a new jar again and signed this applet with the updated certificate and now I am getting an exception.
com.sun.deploy.security.BlockedException: Your security settings have blocked an application signed with an expired or not-yet-valid certificate from running
at com.sun.deploy.security.SandboxSecurity.showBlockedDialog(Unknown Source)
at com.sun.deploy.security.TrustDecider.askUser(Unknown Source)
at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.getTrustedCodeSources(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source)
at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
I removed all existing certificate from Java Control Panel and I open our site where I get new certificate details in applet. Last expiration date but when I click on Run
it throws an exception.
I checked the Java control panel again and then showed the old certificate, why is the new certificate not being used by Java?
source to share
Essentially you will have to re-sign the JAR in a deployed ear / war with a new trusted certificate. Until then, there are workarounds. You can do two things here:
- Goto Control Panel -> Java -> Security -> Edit Site List
Add app url, wildcards are accepted. Please note that you may need to close your browser and start over to read the new configuration.
- In the security tab of the java control panel, uncheck the security level before environment, apply, leave and restart the browser. It should work.
source to share
Create a file in users home directory /usr/home/username/.java/deployment/security/security/exception.sites Add the sites that you want the exception to be thrown. https://192.168.70.10 But if you prefer a GUI app, start JControl and create a list of exception sites.
source to share