| 1 |
On 02/01/2014 10:30 AM, J. Roeleveld wrote: |
| 2 |
> On Sat, February 1, 2014 16:59, walt wrote: |
| 3 |
>> I admit that Oracle finally did something right by requiring a white-list |
| 4 |
>> of all java websites you want to use, but it's taken me all morning to |
| 5 |
>> understand how to do it. |
| 6 |
>> |
| 7 |
>> AFAICT, the only way to white-list a website is to use the Java Control |
| 8 |
>> Panel (jcontrol) and type the full URL including the http:// or preferably |
| 9 |
>> the https:// if you don't want a nag screen. |
| 10 |
>> |
| 11 |
>> For example, here's a site I visit every morning: |
| 12 |
>> |
| 13 |
>> http://www.goes.noaa.gov/goes-w.html which lets me watch a java-powered |
| 14 |
>> image loop of the weather over the Pacific Ocean. |
| 15 |
>> |
| 16 |
>> Now I click on the button to animate the image, and I get a pop-up saying |
| 17 |
>> that this untrusted website wants to do something awful and refuses to let |
| 18 |
>> it run java, period. No explanation of how I can 'trust' the website. |
| 19 |
>> |
| 20 |
>> How many people are going to figure out they need to run the Java Control |
| 21 |
>> Panel and manually add this site to the list of trusted sites? |
| 22 |
>> |
| 23 |
>> And, now that I've added "http://www.goes.noaa.gov" manually, I try the |
| 24 |
>> site again. |
| 25 |
>> |
| 26 |
>> Nope. The jar file I need is on a "different domain" (www.sdd.noaa.gov) |
| 27 |
>> so now I need to add that URL to the white list <sigh> including http:// |
| 28 |
>> |
| 29 |
>> Now, I agree that they did it right from a security point of view, but |
| 30 |
>> jeez, they could have done the user interface a bit better. |
| 31 |
>> |
| 32 |
>> Or maybe they did it better and I haven't found it yet? |
| 33 |
> |
| 34 |
> If there is a better way, please let me know. |
| 35 |
> |
| 36 |
> The IPMI of my servers use a Java application to allow me to see the console. |
| 37 |
> The errors I got have included: |
| 38 |
> - You are using an old version, please upgrade |
| 39 |
> - This site is untrusted / certificate is wrong |
| 40 |
> - This java application is blocked |
| 41 |
> |
| 42 |
> The last one led me to a page actually showing me how to "fix" this. |
| 43 |
> |
| 44 |
> An easier way then to use the silly jconsole might be found in the |
| 45 |
> following location: |
| 46 |
> |
| 47 |
> ~/.java/deployment/security/ |
| 48 |
|
| 49 |
WTF? No XML? ;) |
| 50 |
|
| 51 |
> |
| 52 |
> HTH, |
| 53 |
|
| 54 |
Very much, thanks. |
| 55 |
|
| 56 |
> PS. If anyone knows how to get an SSL-certificate that is accepted by |
| 57 |
> this, please let me know. |
| 58 |
|
| 59 |
I don't think I understand the question. jconsole has a button marked |
| 60 |
"Manage Certificates", that's not what you want? |
Archives