Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6184674

Mozilla root CACerts not being recognized for https server authentication

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Not an Issue
    • Affects Version/s: 5.0u1
    • Fix Version/s: 5.0u1
    • Component/s: deploy
    • Labels:

      Description

      OS - All
      browser - Mozilla1.7
      build tested - 5.0 u1 b04

      Steps to reproduce -

      1) install 5.0 u1 b04 from the following location
      /net/koori/onestop/jdk/1.5.0_01/promoted/ea/b04/bundles

      2) Register the plugin with Mozilla browser

      3) Make sure that <deployment_user_home>/security is clean i.e. there should not be certificate store exist,if any remove it

      4) Rename the <jre_home>/lib/cacert file. Since your renaming the cacert file inside <jre>/lib directory make sure that JRE is locally installed on the machine

      5) create a dir "jss" inside mozilla_installed dir.

      6) Copy jss341.jar from the following location into mozilla_installed_dir/jss
      /net/cady/export/sqa/ap122462/mozilla1.6/jss

      7) For Windows -
      Copy libjss3.dll from the following location into mozilla_installed_dir
      /net/cady/export/sqa/ap122462/mozilla1.6/jss/jss/windows-i586

      8) For Solaris -

      Copy libjss3.so from the following location into mozilla_installed_dir
      /net/cady/export/sqa/ap122462/mozilla1.6/jss/jss/solaris-sparc

      Set "MOZILLA_HOME" env variable to Mozilla home directory

      Set "LD_LIBRARY_PATH" env variable to Mozilla home directory

      9) Open the Java Control Panel and make sure that "Use Certificates and keys in browser keystore" under "Advanced"->"Security" is checked.

      10) Open the browser and click on the following link -
      https://sqe-jpi-01.sfbay.sun.com:8443/tests/https/pluginhtml-default/GP.html

      The Java Security warning dialog should indicate "The security certificate was issued by a company that is not trusted"

      11) Import the following two certificates under the authority tab in the browser
      /net/cady/export/sqa/ap122462/sun_gte.crt
      /net/cady/export/sqa/ap122462/sun_test_ca.crt

      12) Run the above applet again and the warning message still shows "The security certificate was issued by a company that is not trusted"

      The above message is expected to be "The security certificate was issued by a company that is trusted" as the browser should have recognized the certificates that were imported.

      The above problem is there across all platforms.
      ###@###.### 10/26/04 18:27 GMT

        Attachments

          Activity

            People

            Assignee:
            dgu Dennis Gu (Inactive)
            Reporter:
            anprabha Anjana Prabhakar (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: