0

I'm self signing my Applet that uses the library JSSC to read a COM Port device's data however that's not enough to allow the applet to access that resource and an exception is thrown when I try to list the COM ports available, I'm testing on my https url.

First I get "Running this application may be a security risk", then it asks me if I want to block the unsafe content (mixed security), I click NO but still the JSSC library won't work.

I don't know what else to try, any advise is much appreciated.

Andrew Thompson
  • 168,117
  • 40
  • 217
  • 433
paul-2011
  • 675
  • 10
  • 27
  • 1
    Uhm, I would be surprised that the applet security context would let you access a raw computer device to start with... – fge Feb 18 '14 at 00:27
  • On the Jssc website there is an applet terminal deem demo and it works fine, I downloaded the source and if I use their compiled .jar it lotada fine on my Web server, if I compile myself and sign myself it won't work. – paul-2011 Feb 18 '14 at 11:18

2 Answers2

1

Do you mean this applet?

What is the java version you are using?

Do you use an jnlp file (like this one)?

In the latest java update 7u51 (1.7.0_51) by default you are not able to run self signed applets anymore. So what can you do?

  1. Use an official certificate OR
  2. Decrease the security level in your system properties\Java\Security to medium OR
  3. Add your page to the exception site list

Here is an overview of what changed in the latest java version. Important for you is especially the permissions Manifest attributes (because it is not set in the jssc.jar nor in the jSSC-Terminal.jar file)

Regarding the message with the mixed security could it be that you only signed your applet.jar and not the 3rd party libs (like jssc.jar)?

Lonzak
  • 9,334
  • 5
  • 57
  • 88
0

This is how I solved the problem:

  1. Downloaded Eclise.
  2. Installed this plugin: http://keytool.sourceforge.net.
  3. Used the plugin to generate my own certificate.
  4. Went back on Netbeans where my project was.
  5. Brought up my project properties.
  6. Under "Application" -> "Web Start" I checked "Enable We Start".
  7. On "Signing" i clicked "customize".
  8. Checked "Sign by a specified key"
  9. Clicked "Browse" and searched for the certificate generated on Eclipse.
  10. Entered the certificate password that I assigned on Eclipse and an Alias (any).
  11. Kept "Mixed Code" as "Enable Software Protections".
  12. Downgraded the machine to Java 6 (http://www.oldapps.com/java.php).
  13. Built the project on Netbeans and it signed my jar and the JSSC.jar automatically.
  14. Opened the Java settings and under "Advanced" I checked "Disable veritication".
  15. Deployed the project and launch the applet page, Java displayed a security warning, I checked the box to Always Trust the publisher and the applet now works 100% and without any additional prompts.
paul-2011
  • 675
  • 10
  • 27