JDK-8175361

Client certificate authentication issues with TLS 1.2 (TLS_DHE_DSS_WITH* cipher suites) and browser keystore


    • x86_64
    • windows_7

      FULL PRODUCT VERSION :
      Plugin:
      Java Plug-in 11.121.2.13 x86
      Using JRE version 1.8.0_121-b13 Java HotSpot(TM) Client VM

      Command line:
      java version "1.8.0_121"
      Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
      Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)

      ADDITIONAL OS VERSION INFORMATION :
      Microsoft Windows [Version 6.1.7601]

      A DESCRIPTION OF THE PROBLEM :
      Java plugin is unable to download an applet from a TLS server (ver 1.2) with client authentication and TLS_DHE_DSS_* cipher suites. Java console shows error "Error signing the certificate verify". Java plugin is able to download the applet with TLS_RSA_WITH* and TLS_DHE_RSA_WITH* cipher suites.

      Command line version of Java has no problem downloading the applet from the server using TLS_DHE_DSS_* cipher suites.


      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      Open browser and connect to a TLS server (with TLS_DHE_DSS_WITH* cipher suites) to load an HTML page with an applet.

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      The applet should be loaded on the browser.
      ACTUAL -
      Java console shows error "Error signing the certificate verify"


      ERROR MESSAGES/STACK TRACES THAT OCCUR :

      thread applet-Hello.class-1, called closeSocket()
      thread applet-Hello.class-1, handling exception: javax.net.ssl.SSLHandshakeException: Error signing certificate verify
      java.lang.ClassNotFoundException: Hello.class
      at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
      at java.lang.ClassLoader.loadClass(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
      at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
      at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
      at java.lang.Thread.run(Unknown Source)
      basic: load: class Hello.class not found.
      java.lang.ClassNotFoundException: Hello.class
      at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
      at java.lang.ClassLoader.loadClass(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
      at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
      at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
      at java.lang.Thread.run(Unknown Source)


      REPRODUCIBILITY :
      This bug can be reproduced always.

      CUSTOMER SUBMITTED WORKAROUND :
      Disable TLS 1.2 or load the client cert into the keystore in the Java Control Panel.

            almatvee Alexander Matveev
            webbuggrp Webbug Group