FULL PRODUCT VERSION : java version "1.6.0_24" Java(TM) SE Runtime Environment (build 1.6.0_24-b07) Java HotSpot(TM) Client VM (build 19.1-b02, mixed mode, sharing) ADDITIONAL OS VERSION INFORMATION : Microsoft Windows XP [Version 5.1.2600] EXTRA RELEVANT SYSTEM CONFIGURATION : 8.0.554.0 (62399) (but is the same for later versions) A DESCRIPTION OF THE PROBLEM : Java treats Chrome/Chromium as if it were Mozilla and attempts the read browser certs from the NSS certificate and key databases security: Accessing keys and certificate in Mozilla user profile: XXX security: JSS package is not found security: JSS is not configured Java treats Chrome/Chromium as if it were Mozilla and attempts the read browser certs from the NSS certificate and key databases as opposed to the System Keystore that Chrome uses. See below extract from Console logs: security: Accessing keys and certificate in Mozilla user profile: XXX security: JSS package is not found security: JSS is not configured I had raised this as an issue with Chromium (http://code.google.com/p/chromium/issues/detail?id=73870) and they have confirmed that it is an issue with Java STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : 1.Enable the "Use certificate and keys in browser store" in the Java security options 2.Create a simple index.html including Java Applet 3.Access over SSL with client authentication enabled 4.User is prompted with Java dialog "Request Authentication" (this should but does NOT have certs available to select). 5. Click cancel as this is the only option. EXPECTED VERSUS ACTUAL BEHAVIOR : EXPECTED - Applet should work ACTUAL - Applet is not found as no client authenticating cert is sent ERROR MESSAGES/STACK TRACES THAT OCCUR : Class not found exception REPRODUCIBILITY : This bug can be reproduced always. CUSTOMER SUBMITTED WORKAROUND : Access the Jar via a non-client authenticated port, not ideal. May cause security vunerabilities.
|