P3
FULL PRODUCT VERSION :
java version "1.7.0_45"
Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
Java HotSpot(TM) 64-Bit Server VM (build 24.45-b08, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Darwin Mac-mini-de-Oscar.local 11.4.2 Darwin Kernel Version 11.4.2: Thu Aug 23 16:25:48 PDT 2012; root:xnu-1699.32.7~1/RELEASE_X86_64 x86_64
A DESCRIPTION OF THE PROBLEM :
Signed Java Web Start application executes with warning message:
Certificate revocation check cannot be performed.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
javaws http://www.tetrainfo.com/soporte.jnlp
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Web Start must not warn about the certificate revocation.
ACTUAL -
Certificate revocation check cannot be performed.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
If I set the max level of security, I can get the following error:
com.sun.deploy.security.RevocationChecker$StatusUnknownException: java.security.cert.CertPathValidatorException: OCSP response error: UNAUTHORIZED
at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source)
at com.sun.deploy.security.RevocationChecker.check(Unknown Source)
at com.sun.deploy.security.TrustDecider.checkRevocationStatus(Unknown Source)
at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)
at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Thread.java:744)
Suppressed: com.sun.deploy.security.RevocationChecker$StatusUnknownException
at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source)
... 18 more
Caused by: java.security.cert.CertPathValidatorException: OCSP response error: UNAUTHORIZED
at sun.security.provider.certpath.OCSP.check(OCSP.java:291)
at sun.security.provider.certpath.OCSP.check(OCSP.java:189)
at sun.security.provider.certpath.OCSP.check(OCSP.java:154)
... 19 more
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
I can not send source code because the problem is due to signing certificate.
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Disable the revocation check, but this reduces the level of security
java version "1.7.0_45"
Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
Java HotSpot(TM) 64-Bit Server VM (build 24.45-b08, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Darwin Mac-mini-de-Oscar.local 11.4.2 Darwin Kernel Version 11.4.2: Thu Aug 23 16:25:48 PDT 2012; root:xnu-1699.32.7~1/RELEASE_X86_64 x86_64
A DESCRIPTION OF THE PROBLEM :
Signed Java Web Start application executes with warning message:
Certificate revocation check cannot be performed.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
javaws http://www.tetrainfo.com/soporte.jnlp
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Web Start must not warn about the certificate revocation.
ACTUAL -
Certificate revocation check cannot be performed.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
If I set the max level of security, I can get the following error:
com.sun.deploy.security.RevocationChecker$StatusUnknownException: java.security.cert.CertPathValidatorException: OCSP response error: UNAUTHORIZED
at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source)
at com.sun.deploy.security.RevocationChecker.check(Unknown Source)
at com.sun.deploy.security.TrustDecider.checkRevocationStatus(Unknown Source)
at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)
at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Thread.java:744)
Suppressed: com.sun.deploy.security.RevocationChecker$StatusUnknownException
at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source)
... 18 more
Caused by: java.security.cert.CertPathValidatorException: OCSP response error: UNAUTHORIZED
at sun.security.provider.certpath.OCSP.check(OCSP.java:291)
at sun.security.provider.certpath.OCSP.check(OCSP.java:189)
at sun.security.provider.certpath.OCSP.check(OCSP.java:154)
... 19 more
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
I can not send source code because the problem is due to signing certificate.
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Disable the revocation check, but this reduces the level of security