-
Bug
-
Resolution: Incomplete
-
P3
-
7u51, 8
-
win7/x64/jre8-b120
According to https://bugs.openjdk.java.net/browse/JDK-8010247, then initial revoked dialog should show up again when reloads the applet that is signed with a revoked cert:
#3. The initial message shown above should be redisplayed if the user reloads the page or clicks on the "Error. Click for Details" link within the applet.
Steps to reproduce:
1 Open JCP->Advanced->"Check for certificate revocation using": Check "Both CRLs and OCSP"
2 make sure you can access to internet
3 Launch singed applet whose jar is singed with a revoked cert: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/OcspAndCrlCheckManual/html/testOCSPAndCRLRevokedCert.html
4 There will be a revoked dialog with title "Application Blocked for Security" shown up
5 Click "OK"
6 Reload the applet page
7 If no dialog with title "Application Blocked for security" shows up again, then this bug is reproduced.
Expected behavior: a dialog with title "Application Blocked for security" should show up again in step#7
Note: jnlp applets work fine. Steps:
1 Open JCP->Advanced->"Check for certificate revocation using": Check "Both CRLs and OCSP"
2 make sure you can access to internet
3 Launch singed applet whose jar is singed with a revoked cert: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/OcspAndCrlCheckManual/html/testOCSPAndCRLRevokedCert_JNLP.html
4 There will be a revoked dialog with title "Application Blocked for Security" shown up
5 Click "OK"
6 Reload the applet page
7 A dialog with title "Application Blocked for security" will show up again.
#3. The initial message shown above should be redisplayed if the user reloads the page or clicks on the "Error. Click for Details" link within the applet.
Steps to reproduce:
1 Open JCP->Advanced->"Check for certificate revocation using": Check "Both CRLs and OCSP"
2 make sure you can access to internet
3 Launch singed applet whose jar is singed with a revoked cert: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/OcspAndCrlCheckManual/html/testOCSPAndCRLRevokedCert.html
4 There will be a revoked dialog with title "Application Blocked for Security" shown up
5 Click "OK"
6 Reload the applet page
7 If no dialog with title "Application Blocked for security" shows up again, then this bug is reproduced.
Expected behavior: a dialog with title "Application Blocked for security" should show up again in step#7
Note: jnlp applets work fine. Steps:
1 Open JCP->Advanced->"Check for certificate revocation using": Check "Both CRLs and OCSP"
2 make sure you can access to internet
3 Launch singed applet whose jar is singed with a revoked cert: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/OcspAndCrlCheckManual/html/testOCSPAndCRLRevokedCert_JNLP.html
4 There will be a revoked dialog with title "Application Blocked for Security" shown up
5 Click "OK"
6 Reload the applet page
7 A dialog with title "Application Blocked for security" will show up again.