JDK-4696477 : certificates should be downloaded dynamically for https
  • Type: Enhancement
  • Component: deploy
  • Sub-Component: webstart
  • Affected Version: 1.0.1,1.2.0
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic,linux
  • CPU: generic,x86
  • Submitted: 2002-06-03
  • Updated: 2002-10-15
  • Resolved: 2002-10-15
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other
1.4.2 mantisFixed
Related Reports
Duplicate :  
JDK-4838056 - Improve handling of expired certificates
Description

Name: pa48320			Date: 06/03/2002


I am reporting this againt Java Web Start 1.2. This version is not
yet available at the partner site for bug filing.

If a user wants to use "https" to download jar files and subsequently
use the "https" to connect to the server, he/she has to import
the certificate to the client manually first. Otherwise en exception
would be raised like "certificate is not found in the keystore and
can not be trusted".
If a browser encounters https site and finds the certificate is not
in it's keystore, it imports the certificate and asks the user if it
can be trusted. It will be put in the keystore if the user trusts it.
We want similar kind of dynamically importing certificates in Java
Web Start. Otherwise it is practically very difficult to deploy
our application for large no. of users who want to use https as
the method of communication between the client and the server.
(Review ID: 148160) 
======================================================================
Comments
CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: mantis FIXED IN: mantis INTEGRATED IN: mantis mantis-b04
31-08-2004
WORK AROUND Name: pa48320 Date: 06/03/2002 In order to work with "https" which is supported in 1.2, user has to manually import the certificate to the client's keystore using something like keytool -import -keystore ./cacerts -trustcacerts -file apache_1024.crt ======================================================================
31-08-2004
EVALUATION need to implement this for mantis ###@###.### 2002-06-10
10-06-2002