-
Bug
-
Resolution: Fixed
-
P1
-
6
-
None
-
b39
-
generic
-
generic
-
Verified
Tested OS : Windows, Solaris
Tested Build : mustang nightly/ PIT(b39)
Build Location : /net/sqesvr-nfs.sfbay/global/nfs/deployment5/pit_builds
Problem description :
User should be allowed to save the certifictes inside the secure site store(trusted.jssecerts) for all the applications coming from secured webserver, but that's not happening when tried with nightly builds(including PIT b39). Functionality is OK till mustang promoted build 37
Steps to reproduce :
1) Install JRE from the location mentioned above and remove the <user_deployment_home>/security if it exists
2)Try to launch any of the following applications
Applets:
http://nicole1.sfbay.sun.com:8080/plugin_tests/https/pluginhtml-default/FilePost.html
https://sqe-jpi-01.sfbay.sun.com:8443/tests/https/pluginhtml-default/FilePost.html
JAWS application
http://nicole1.sfbay.sun.com:8080/JavawsMustangIntegTest/https/https_always.jnlp
3) Click on the "Always trust content from this publisher" chechbox on the "Warning - Security" pop-up
4) If you notice following exception getting thrown on java console and trusted.jssecerts is not getting created inside the <user_deployment_home>/security
then the bug is reproduced
java.security.KeyStoreException: Cannot modify certificate store.
at com.sun.deploy.security.ImmutableCertStore.add(Unknown Source)
at com.sun.deploy.security.X509DeployTrustManager.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at java.net.URL.openStream(Unknown Source)
at HttpsTest.main(HttpsTest.java:51)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
###@###.### 2005-05-25 21:18:39 GMT
Tested Build : mustang nightly/ PIT(b39)
Build Location : /net/sqesvr-nfs.sfbay/global/nfs/deployment5/pit_builds
Problem description :
User should be allowed to save the certifictes inside the secure site store(trusted.jssecerts) for all the applications coming from secured webserver, but that's not happening when tried with nightly builds(including PIT b39). Functionality is OK till mustang promoted build 37
Steps to reproduce :
1) Install JRE from the location mentioned above and remove the <user_deployment_home>/security if it exists
2)Try to launch any of the following applications
Applets:
http://nicole1.sfbay.sun.com:8080/plugin_tests/https/pluginhtml-default/FilePost.html
https://sqe-jpi-01.sfbay.sun.com:8443/tests/https/pluginhtml-default/FilePost.html
JAWS application
http://nicole1.sfbay.sun.com:8080/JavawsMustangIntegTest/https/https_always.jnlp
3) Click on the "Always trust content from this publisher" chechbox on the "Warning - Security" pop-up
4) If you notice following exception getting thrown on java console and trusted.jssecerts is not getting created inside the <user_deployment_home>/security
then the bug is reproduced
java.security.KeyStoreException: Cannot modify certificate store.
at com.sun.deploy.security.ImmutableCertStore.add(Unknown Source)
at com.sun.deploy.security.X509DeployTrustManager.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at java.net.URL.openStream(Unknown Source)
at HttpsTest.main(HttpsTest.java:51)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
###@###.### 2005-05-25 21:18:39 GMT