2

Starting with Java 1.7.0_40, the "do not show this again for this app" checkbox, in security warnings for unsigned and self-signed applets is no longer available. My question: is there any other way to suppress these messages, without having to make an annual donation to VeriSign?

This is for an in-house application; I can ensure that the appropriate policy files are created on the client machines where this needs to run. I tried creating $HOME/.java.policy like this:

grant {
    permission java.security.AllPermission;
};

and also more selective versions with 'codeBase', etc., but even the simplest version just plain does not work. I also tried inserting this grant in the global java.policy, to no avail. Is it now completely impossible to suppress security warnings, even if you have control of the client machine?

Thomas Okken
  • 163
  • 10
  • You could always setup an internal CA and use a certificate issued by that CA. Putting it out there since you mentioned that this is an in-house app. – Nasir Nov 08 '13 at 17:32

1 Answers1

0

You can control that via a feature found in recent java versions (1.7.0_40+).

check what Deployment Rule Sets can do for you, to control how your local clients use a old java applet.

Please note that if your clients are "internet" users, you should fix your app instead! this is whitelist intranet sites (or change versions) and blacklist others.

higuita
  • 2,127
  • 20
  • 25