Java Solaris Communities Sun Store Join SDN My Profile Why Join?
» search tips 
Sun Developer Network
Developers Home > Products & Technologies > Java Technology > Community > Bug Database >
Join SDNWhy Join
 
Bug Database
Bug Detail
Quick Lists
Top 25 Bugs
Top 25 RFE's
Recently Closed Bugs
Printable Page Printable Page


Bug Database
Welcome
 
»  Login
»  Report a Bug
»  FAQs
  Bug Watch List:
» Watch this Bug
 Bug Votes:
 This bug is Closed.You cannot Vote for it.
Bug ID: 4838056
Votes 0
Synopsis Improve handling of expired certificates
Category javawebstart:jnlp_api
Reported Against 1.2
Release Fixed
State 11-Closed, duplicate of 4696477, request for enhancement
Priority: 4-Low
Related Bugs 4696477
Submit Date 26-MAR-2003
Description 




FULL PRODUCT VERSION :
java version "1.4.1_02"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.1_02-b06)
Java HotSpot(TM) Client VM (build 1.4.1_02-b06, mixed mode)


FULL OS VERSION :
Linux 2.4.20-xfs-backstreet-ruby SMP i686

EXTRA RELEVANT SYSTEM CONFIGURATION :
web server, which uses an expired certificate

A DESCRIPTION OF THE PROBLEM :
If one tries to download an application via SSL and the server
presents an expired certifcate to Java Webstart (jws), jws
aborts the [download of the] application. E.g.:

NLPException[category: Download Error : Exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExpiredException: NotAfter: Wed Mar 03 15:09:18 MET 2004 : LaunchDesc: null ]

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1) configure your web server to use an expired certificate
2) try to launch your application

EXPECTED VERSUS ACTUAL BEHAVIOR :
If jws encounters an expired certificate, it should leave the decision to the
user, whether to continue with or abort the [download of the] application.

We expect the same behavior as in almost any modern web browser  (e.g. mozilla):
If the browser sees an expired certificate, it pops up a dialog, which gives
the user the chance to inspect the certificate and and allows the user to
continue or cancel the download of the appropriate file ...
abortion of the application [download].

ERROR MESSAGES/STACK TRACES THAT OCCUR :
JNLPException[category: Download Error : Exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateExpiredException: NotAfter: Wed Mar 03 15:09:18 MET 2004 : LaunchDesc: null ]
	at com.sun.javaws.cache.DownloadProtocol.doDownload(DownloadProtocol.java:602)
	at com.sun.javaws.cache.DownloadProtocol.isLaunchFileUpdateAvailable(DownloadProtocol.java:705)
	at com.sun.javaws.LaunchDownload.getUpdatedLaunchDesc(LaunchDownload.java:91)
	at com.sun.javaws.Launcher.downloadResources(Launcher.java:664)
	at com.sun.javaws.Launcher.handleApplicationDesc(Launcher.java:268)
	at com.sun.javaws.Launcher.handleLaunchFile(Launcher.java:177)
	at com.sun.javaws.Launcher.run(Launcher.java:145)
	at java.lang.Thread.run(Thread.java:536)


REPRODUCIBILITY :
This bug can be reproduced always.
(Review ID: 183060) 
======================================================================
Work Around 
N/A
Evaluation 
this will be covered by RFE 4696477: certificates should be downloaded dynamically for https, which is implemented in mantis (1.4.2)

  xxxxx@xxxxx   2003-03-26
Comments
  
  Include a link with my name & email   


PLEASE NOTE: JDK6 is formerly known as Project Mustang





About Sun  |  About This Site  |  Newsletters  |  Contact Us  |  Employment
How to Buy  |  Licensing  |  Terms of Use  |  Privacy  |  Trademarks
 

 
Copyright 1994-2008 Sun Microsystems, Inc.
A Sun Developer Network Site

Unless otherwise licensed, code in all technical manuals herein (including articles, FAQs, samples) is provided under this License.
 
XML Content Feeds