Using JRE5 or JRE6 release, Java webstart application can force to use old JRE, such as JRE 1.4.2_15 in jnlp file, in current design, we are still loading cacerts file from JRE5 or JRE 6 directory, not JRE 1.4.2_15.

With new certificate come from AOL has been added into cacerts file in JRE 5 and JRE 6, the JSSE api in JRE 1.4.2 can't parse this new certificate in cacerts file (lengthn > 4k), therefore the application will failed to load during loading cacerts file, the following exception will be thrown:

java.secutrity.cert.CertificateParsingException in 5.0u15-b02

java.security.cert.CertificateParsingException: java.io.IOException
subject key, Unknown key spec, Invalid RSA modulus size.
Posted Date : 2008-01-29 16:55:26.0

N/A

We will load cacerts file from JRE1.4.2 instead of JRE 5 and JRE 6.
Posted Date : 2008-01-29 16:55:26.0