1 |
On 02/01/2014 10:30 AM, J. Roeleveld wrote: |
2 |
> On Sat, February 1, 2014 16:59, walt wrote: |
3 |
>> I admit that Oracle finally did something right by requiring a white-list |
4 |
>> of all java websites you want to use, but it's taken me all morning to |
5 |
>> understand how to do it. |
6 |
>> |
7 |
>> AFAICT, the only way to white-list a website is to use the Java Control |
8 |
>> Panel (jcontrol) and type the full URL including the http:// or preferably |
9 |
>> the https:// if you don't want a nag screen. |
10 |
>> |
11 |
>> For example, here's a site I visit every morning: |
12 |
>> |
13 |
>> http://www.goes.noaa.gov/goes-w.html which lets me watch a java-powered |
14 |
>> image loop of the weather over the Pacific Ocean. |
15 |
>> |
16 |
>> Now I click on the button to animate the image, and I get a pop-up saying |
17 |
>> that this untrusted website wants to do something awful and refuses to let |
18 |
>> it run java, period. No explanation of how I can 'trust' the website. |
19 |
>> |
20 |
>> How many people are going to figure out they need to run the Java Control |
21 |
>> Panel and manually add this site to the list of trusted sites? |
22 |
>> |
23 |
>> And, now that I've added "http://www.goes.noaa.gov" manually, I try the |
24 |
>> site again. |
25 |
>> |
26 |
>> Nope. The jar file I need is on a "different domain" (www.sdd.noaa.gov) |
27 |
>> so now I need to add that URL to the white list <sigh> including http:// |
28 |
>> |
29 |
>> Now, I agree that they did it right from a security point of view, but |
30 |
>> jeez, they could have done the user interface a bit better. |
31 |
>> |
32 |
>> Or maybe they did it better and I haven't found it yet? |
33 |
> |
34 |
> If there is a better way, please let me know. |
35 |
> |
36 |
> The IPMI of my servers use a Java application to allow me to see the console. |
37 |
> The errors I got have included: |
38 |
> - You are using an old version, please upgrade |
39 |
> - This site is untrusted / certificate is wrong |
40 |
> - This java application is blocked |
41 |
> |
42 |
> The last one led me to a page actually showing me how to "fix" this. |
43 |
> |
44 |
> An easier way then to use the silly jconsole might be found in the |
45 |
> following location: |
46 |
> |
47 |
> ~/.java/deployment/security/ |
48 |
|
49 |
WTF? No XML? ;) |
50 |
|
51 |
> |
52 |
> HTH, |
53 |
|
54 |
Very much, thanks. |
55 |
|
56 |
> PS. If anyone knows how to get an SSL-certificate that is accepted by |
57 |
> this, please let me know. |
58 |
|
59 |
I don't think I understand the question. jconsole has a button marked |
60 |
"Manage Certificates", that's not what you want? |