-
Bug
-
Resolution: Fixed
-
P2
-
None
-
Verified
Issue can be reproduced on windows 32bit with jdk8 cpu bundles b123 from http://jre.us.oracle.com/java/re/jdk/8-cpu1401/promoted/ea/b123/bundles, as well as nightly build of Jan 07. However the issue is not with JDK nightly build Jan 03.
1. Change slider setting to Medium or import the cert used to sign the applet from:
http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/larry/bugreport/tmpcert/myKeystoreValid. (alias=validSelfSign password="changeit")
2. To make sure web server is tls1.2 enabled, extract tls1.2 enabled tomcat package downloadable from
http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/larry/bugreport/tls/apache-tomcat-6.0.26.zip
3. Set env JAVA_HOME to a stable jdk7 and start tomcat with $TOMCATDIR/bin/startup.bat.
4. Start applet from:
http://127.0.0.1:8080/tls_low/html/testConnectHttps.html
5. If you can see exception below which can be tracked down to calling of sun.net.www.protocol.https.HttpsURLConnectionImpl.connect, the bug is reproduced.
java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:8443" "connect,resolve")
Expected behavior:
With default setting a applet should be able to connect back to tls 1.2 enabled web server using https protocol.
The source of applets can be found from:
http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/larry/bugreport/tls/src
1. Change slider setting to Medium or import the cert used to sign the applet from:
http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/larry/bugreport/tmpcert/myKeystoreValid. (alias=validSelfSign password="changeit")
2. To make sure web server is tls1.2 enabled, extract tls1.2 enabled tomcat package downloadable from
http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/larry/bugreport/tls/apache-tomcat-6.0.26.zip
3. Set env JAVA_HOME to a stable jdk7 and start tomcat with $TOMCATDIR/bin/startup.bat.
4. Start applet from:
http://127.0.0.1:8080/tls_low/html/testConnectHttps.html
5. If you can see exception below which can be tracked down to calling of sun.net.www.protocol.https.HttpsURLConnectionImpl.connect, the bug is reproduced.
java.security.AccessControlException: access denied ("java.net.SocketPermission" "127.0.0.1:8443" "connect,resolve")
Expected behavior:
With default setting a applet should be able to connect back to tls 1.2 enabled web server using https protocol.
The source of applets can be found from:
http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/larry/bugreport/tls/src