2

Ever since the bashing of Java not being secure, Java Webstart security features are getting tighter and tighter. i'm using java 1.8u20.

At the moment my application is missing some security check and thus doesn't show the tickbox as it is shown below.
enter image description here

I'm kind of tired of not knowing what popups and their variations are possible.
Does Oracle have a flowchart stating what Popups happen and when tickboxes dissapear for which reason? Or even a log file where all security checks are logged, so you can actually find out where Webstart is seeing an error?

Houtman
  • 2,819
  • 2
  • 24
  • 34

1 Answers1

1

Yes, the Java Web Start tag includes a reference to the article on security prompts. See also this Q&A: the accepted answer correctly recommends a certificate signed by a well known Certificate Authority (CA), but a self-signed certificate may be an usage alternative.

Community
  • 1
  • 1
trashgod
  • 203,806
  • 29
  • 246
  • 1,045
  • But it doesn't tell that if you tick the box, that it actually adds an entry in the "Trusted Certificates" part of the Java truststore. I would like to know how javaws can 'trust' my app more, than for the user to think about it. – Houtman Dec 10 '14 at 18:07
  • Houtman, it's true that when you tick the box, Java adds the certificate to the "Trusted Certificates" list in Java Control Panel so the user doesn't see the security prompt anymore. It's also true that the details are not well documented by Oracle other than the links provided above. So you have to do trial and errors, or ask questions here. But looks like you already know the answer to most of your own questions. – Saeid Nourian Dec 11 '14 at 00:58
  • @Saeid I only have some answers, but i was hoping not to go for trial and error. Thanks for acknowledging – Houtman Dec 11 '14 at 08:44