Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8030990

Cannot start applet signed with VeriSign certificate

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P2
    • Resolution: Duplicate
    • Affects Version/s: 8
    • Fix Version/s: None
    • Component/s: deploy
    • Labels:
    • Subcomponent:
    • OS:
      windows_7

      Description

      FULL PRODUCT VERSION :
      java version "1.8.0-ea"
      Java(TM) SE Runtime Environment (build 1.8.0-ea-b120)
      Java HotSpot(TM) Client VM (build 25.0-b62, mixed mode)

      ADDITIONAL OS VERSION INFORMATION :
      Microsoft Windows [Version 6.1.7601]

      A DESCRIPTION OF THE PROBLEM :
      Cannot start applet signed with VeriSign certificate. An error message dialog is displayed:
      Caption:
         Application Blocked for Security
      Text:
         Failed to validate certificate.
         The application will not be executed.

      Some certificate details:

      Version: V3
      Signature Algorithm: [SHA1withRSA]
      Issuer: CN=VeriSign Class 3 Code Signing 2010 CA,
       OU=Terms of use at https://www.verisign.com/rpa (c)10,
       OU=VeriSign Trust Network,
       O="VeriSign, Inc.",
       C=US
      Validity: [From: Thu Aug 29 02:00:00 CEST 2013,
       To: Sun Aug 30 01:59:59 CEST 2015]


      REGRESSION. Last worked in version 7u45

      ADDITIONAL REGRESSION INFORMATION:
      java version "1.7.0_45"
      Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
      Java HotSpot(TM) Client VM (build 24.45-b08, mixed mode, sharing)

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      Try starting an applet signed with a VeriSign class 3 certificate

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      Normal applet start
      ACTUAL -
      Applet start fails with an error message dialog

      ERROR MESSAGES/STACK TRACES THAT OCCUR :
      Error Message dialog
      Caption:
         Application Blocked for Security
      Text:
         Failed to validate certificate.
         The application will not be executed.

      More Information... ->

      java.lang.ClassCastException: com.sun.deploy.security.X509CertificateWrapper cannot be cast to sun.security.x509.X509CertImpl
      at sun.security.provider.certpath.OCSPResponse.verify(Unknown Source)
      at sun.security.provider.certpath.OCSP.check(Unknown Source)
      at sun.security.provider.certpath.OCSP.check(Unknown Source)
      at sun.security.provider.certpath.OCSP.check(Unknown Source)
      at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source)
      at com.sun.deploy.security.RevocationChecker.check(Unknown Source)
      at com.sun.deploy.security.TrustDecider.checkRevocationStatus(Unknown Source)
      at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)
      at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
      at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.getTrustedCodeSources(Unknown Source)
      at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source)
      at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source)
      at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
      at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source)
      at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
      at java.security.AccessController.doPrivileged(Native Method)
      at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)
      at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source)
      at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source)
      at java.security.AccessController.doPrivileged(Native Method)
      at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
      at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
      at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader$1.run(Unknown Source)
      at java.security.AccessController.doPrivileged(Native Method)
      at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
      at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
      at java.lang.ClassLoader.loadClass(Unknown Source)
      at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
      at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
      at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
      at java.lang.Thread.run(Unknown Source)


      REPRODUCIBILITY :
      This bug can be reproduced always.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                dtitov Daniil Titov
                Reporter:
                webbuggrp Webbug Group
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: