1

I am using the Sentinel EMS from Safenet. The local tomcat6 website uses the java applets for their hardware key management. I installed the latest jre7 u45 from java.com. My problem is the java applets are taking too much time to load in an offline environment (applet shows the progress bar about 8 - 10 minutes). When the machine is connected to internet, the applets will load in less than 1 minute. Is there any setting to change the behaviour of java or is it a problem of tomcat?

Note:The safenet people replied it is the problem of jre installation and I need to re-install. I did re install 2-3 times, but no chance to rectify the problem.

Vijayakumar
  • 51
  • 1
  • 9
  • I don't understand. How can an applet load if the machine is offline? If it's offline, it doesn't have access to the web, so it can't download the applet. – JB Nizet Dec 21 '13 at 07:24
  • @JBNizet, Sentinel EMS is a locally installed tomcat6 website using Sentinel LDK installation (http://www.safenet-inc.com/support-downloads/downloads-developer-kits/). The local site can be accessed using http://localhost:8080/ems. – Vijayakumar Dec 21 '13 at 09:08
  • Fiddler2 reveals the actual problem. The java applet trying to connect to ocsp.verisign.com, crl.verisign.com and csc3-2010-crl.verisign.com about 30 times to verify the verisign signature. The signature could not be verified since the machine is working offline to internet. Is there any setting to stop applets from checking certificates when loading from localhost? – Vijayakumar Dec 26 '13 at 03:43
  • Still no answers/comments to my question. I think there is no way to solve my issue. So as a solution, when I need to use this tomcat6 Java local site, I should connect the machine to internet. Thanks to all. [To site administrator, you can close this session] – Vijayakumar Dec 30 '13 at 05:19

1 Answers1

5

I think there is some gap in communication . I am trying to answer your question below, hope this helps

Certificate verification is recommended by JAVA since JRE 7 update 25 for security reasons, you can visit http://www.java.com/en/download/help/revocation_options.xml

There is a Workaround which is not recommended by Java

  1. Open Control Panel
  2. Open Java
  3. Goto Advance Settings
  4. Find "Perform certificate revocation checks on"
  5. Select "Do not check (Not Recommended)"
  6. Click Ok

enter image description here

After this restart all Browser instances

Note :- For Intranet or Localhost you can use this workaround as you know that certificates are valid, but for internet please revert back to default settings

I am from Safenet QA

Abhinav Garg
  • 1,642
  • 3
  • 22
  • 41