FULL PRODUCT VERSION :
Java (TM) 2 Runtime Environment, Standard (build 1.5.0-b64)
Java Hotspot (TM) Client VM (build 1.5.0-b64), mixed mode, sharing)
ADDITIONAL OS VERSION INFORMATION :
Windows XP [Version 5.1.2600]
A DESCRIPTION OF THE PROBLEM :
We have installed JRE 5.0 and accepted all defaults. We are having two major issues.
1) We have followed the instructions in the link http://java.sun.com/j2se/1.5.0/docs/guide/deployment/deployment-guide/keystores.html
but cannot get the JRE to recognize the X.509 certificates in the keystores for either Netscape 7.0 or Mozilla Firefox 1.0. The steps on Sun's website are not descriptive enough. We need exact instructions on how to configure JSS so that the default setting of 'Use certificates and keys in browser keystore' supports the browsers in our large environment. We have Netscape 7.0 and IE 6 and Mozilla Firefox.
2) Is there a way to automate adding a user's X.509 certificate into the JRE? We don't want to ask thousands of users to launch the Java control panel application and import their certificate. I realize that we need to assign a password for the creation of the keystore. We could write a client side Java application to do this if we need to. But we would rather prompt the user with a single dialog box rather than ask them to go through the control panel.
If you have both the 'Use certificates and keys in browser keystore' checkbox checked and your certificate in the JRE, you will be prompted with multiple certificate entries in the JRE dialog box. You will see the certs from the browser and the cert in the JRE. This can be confusing since the certificate names will be the same. To the casual observer, you will see two seemingly duplicate entries.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Install IE 6, Netscape 7.0 and Firefox 1.0.
2. Install JRE 5.0. Keep default 'Use certificates and keys in browser keystore'
3. Connect to an https website that requires a client X.509 certificate and have that site serve an applet.
4. Notice that IE will work but Netscape and Firefox will not.
5. Import your certificate into the JRE.
6. Go back to same site in step 3 and notice that Netscape and Firefox now work. Notice multiple cert entries in IE.
REPRODUCIBILITY :
This bug can be reproduced always.