Bug ID: JDK-6963077 6u20: Cert list is empty, but customer is prompted by a JRE dialog to select a cert

Type: Enhancement
Component: deploy
Sub-Component: deployment_toolkit
Affected Version: 6u20

Priority: P2
Status: Closed
Resolution: Fixed
OS: generic
CPU: generic

Submitted: 2010-06-22
Updated: 2011-05-02
Resolved: 2010-10-29

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

JDK 6	JDK 7
6u22-rev b07Fixed	7Fixed

The customer uses 6u20 on Windows XP in order to use an applet over a https connection.

Before the applet is fully loaded, a dialog called "Request Authentication" requests the user to select a certificate. However, the cert list is empty and the user cannot select anything. If the user clicks on OK or Cancel on the dialog, the dialog disappears, the applet continues to load and the user can use the applet.
A screenshot has been attached to this report.

The dialog box called "Request Authentication" is from the JRE (see also com.sun.deploy.securityClientCertDialog). The dialog that shows an empty cert list and requests the user to select a cert confuses the users.

EVALUATION We do have an option in Java control panel to "Use personal certificate automatically" to hide the popup dialog box, we should be able to change this option to this: 'Don't prompt for client certificate selection if no or only one certificate exists' as it displayed in IE browser.

30-08-2010

EVALUATION I have running the testcase and reproduce the issue which customer encounter. But this mostly like a configuration issue in customer webserver side, the webserver is setup using client authentication, but even without client certificate installed on client machine, the webserver won't stop loading the page and applet, therefore the Java applet will still runs fine. To simply testing that, open IE browser, trying to load this URL: https://qa-cfx.eon-apps.com/eteexdl You will notice a "Choose a digital certificate" dialog box popup from IE browser (not Java at this point), and this dialog box is empty! click on OK button, the page will still load (by theory it should stop loading the page with error). Please reconfig the https webserver to disable client authentication, which it didn't need by my understanding.

24-06-2010

Relates :	JDK-6986709 - Request to localise deployment.security.clientauth.keystore.auto to new value
Relates :	JDK-2201242 - Request to localise deployment.security.clientauth.keystore.auto to new value
Relates :	JDK-6994168 - Certificate dialog chooser modal frame causes plugin2 to freeze