Java applet won't load in IE after Java 8 upgrade
Have you tried turning off "TLS 1.2" in your Java Console?
Java8 seems to use TLS 1.2 as default, so in case your server doesn't support it, you might get the same error as you mentioned.
https://blogs.oracle.com/java-platform-group/entry/java_8_will_use_tls
Cody Jenkins
Updated on March 26, 2020Comments
-
Cody Jenkins over 4 years
I have a Java applet that I use to read SD card data from a user's PC. The applet lives on a web site that you log in to. To log-in to the web site you must use a browser certificate. Once you're logged in, you go to the SD card download page, the applet initializes, reads the card data, and sends it to some JavaScript on the page.
The issue that I have now is that the applet does not load since installing Java 8 on my browser. Specifically it does not work in any version of IE (tested 8, 9, 10, and 11). It runs fine in Firefox. I have not tried Chrome.
I haven't found anyone else who has a similar issue. It could be because it is relatively new. Does anyone know why this is happening and have any idea how to fix it?
There is a stacktrace in the Java console in IE8 that looks relevant. Here are some interesting pieces:
javax.net.ssl.SSLHandshakeException: Error signing certificate verify ... Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey ... com.sun.deploy.net.FailedDownloadException: Unable to load resource: https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp
Edit: Here's an additional piece of info. The applet works correctly on a different server with with OpenSSL 1.0.1i. The applet does not work with the original server which has OpenSSL 1.0.0m.
Here is the full log. The stacktrace does not appear in the log for Firefox.
Java Plug-in 11.25.2.18 Using JRE version 1.8.0_25-b18 Java HotSpot(TM) Client VM User home directory = C:\Users\codyj ---------------------------------------------------- c: clear console window f: finalize objects on finalization queue g: garbage collect h: display this help message l: dump classloader list m: print memory usage o: trigger logging q: hide console r: reload policy configuration s: dump system and deployment properties t: dump thread list v: dump thread stack x: clear classloader cache 0-5: set trace level to <n> ---------------------------------------------------- network: Created version ID: 1.8.0.25 network: Created version ID: 1.8 network: Created version ID: 8.0.25 network: Connecting https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp with proxy=DIRECT network: Connecting http://xdc-fqq02.example.com:443/ with proxy=DIRECT security: Loading SSL Root CA certificates from C:\Program Files (x86)\Java\jre1.8.0_25\lib\security\cacerts security: Loaded SSL Root CA certificates from C:\Program Files (x86)\Java\jre1.8.0_25\lib\security\cacerts security: Obtain certificate collection in SSL Root CA certificate store security: Obtain certificate collection in SSL Root CA certificate store security: Loading certificates from Deployment session certificate store security: Loaded certificates from Deployment session certificate store security: Loading certificates from Internet Explorer ROOT certificate store security: Loaded certificates from Internet Explorer ROOT certificate store security: Loading certificates from Internet Explorer DISALLOWED certificate store security: Loaded certificates from Internet Explorer DISALLOWED certificate store security: Loaded blacklisted.certs file: C:\Users\codyj\AppData\LocalLow\Sun\Java\Deployment\security\blacklisted.certs security: SHA-256Certificate finger print: F94D2C80A1172FC591F964D4DC0E8BAF493C92FE678B6B8B07D362607EBD33AB security: Checking if certificate is in Internet Explorer DISALLOWED certificate store security: SHA-256Certificate finger print: 0855414AF5F5FD7E264F8B002A39CCED67E5952E89B61B680CC847BAA34944DE security: Checking if certificate is in Internet Explorer DISALLOWED certificate store security: SHA-256Certificate finger print: 0AE1484292B20EE696D4593DBE46F91479F8DAD58FC057CFD52FA3FA8FB3CE4B security: Checking if certificate is in Internet Explorer DISALLOWED certificate store security: Checking if SSL certificate is in Deployment permanent certificate store security: Loading certificates from Internet Explorer ROOT certificate store security: Loaded certificates from Internet Explorer ROOT certificate store security: Saving certificates in Deployment session certificate store security: Saved certificates in Deployment session certificate store javax.net.ssl.SSLHandshakeException: Error signing certificate verify at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source) at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at sun.security.ssl.Handshaker.processLoop(Unknown Source) at sun.security.ssl.Handshaker.process_record(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.AccessController.doPrivileged(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source) at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source) at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source) at com.sun.deploy.net.BasicHttpRequest.doGetRequestEX(Unknown Source) at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source) at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source) at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source) at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source) at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source) at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source) at sun.plugin2.main.client.PluginMain.initManager(Unknown Source) at sun.plugin2.main.client.PluginMain.access$200(Unknown Source) at sun.plugin2.main.client.PluginMain$2.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey at java.security.Signature$Delegate.chooseProvider(Unknown Source) at java.security.Signature$Delegate.engineInitSign(Unknown Source) at java.security.Signature.initSign(Unknown Source) at sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(Unknown Source) ... 34 more network: Connecting https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp with proxy=DIRECT network: Connecting http://xdc-fqq02.example.com:443/ with proxy=DIRECT security: Obtain certificate collection in SSL Root CA certificate store security: Obtain certificate collection in SSL Root CA certificate store security: Loading certificates from Deployment session certificate store security: Loaded certificates from Deployment session certificate store security: SHA-256Certificate finger print: F94D2C80A1172FC591F964D4DC0E8BAF493C92FE678B6B8B07D362607EBD33AB security: Checking if certificate is in Internet Explorer DISALLOWED certificate store security: SHA-256Certificate finger print: 0855414AF5F5FD7E264F8B002A39CCED67E5952E89B61B680CC847BAA34944DE security: Checking if certificate is in Internet Explorer DISALLOWED certificate store security: SHA-256Certificate finger print: 0AE1484292B20EE696D4593DBE46F91479F8DAD58FC057CFD52FA3FA8FB3CE4B security: Checking if certificate is in Internet Explorer DISALLOWED certificate store javax.net.ssl.SSLHandshakeException: Error signing certificate verify at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source) at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at sun.security.ssl.Handshaker.processLoop(Unknown Source) at sun.security.ssl.Handshaker.process_record(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.AccessController.doPrivileged(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source) at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source) at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source) at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source) at com.sun.deploy.net.BasicHttpRequest.doGetRequest(Unknown Source) at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source) at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source) at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source) at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source) at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source) at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source) at sun.plugin2.main.client.PluginMain.initManager(Unknown Source) at sun.plugin2.main.client.PluginMain.access$200(Unknown Source) at sun.plugin2.main.client.PluginMain$2.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey at java.security.Signature$Delegate.chooseProvider(Unknown Source) at java.security.Signature$Delegate.engineInitSign(Unknown Source) at java.security.Signature.initSign(Unknown Source) at sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(Unknown Source) ... 35 more com.sun.deploy.net.FailedDownloadException: Unable to load resource: https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source) at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source) at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source) at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source) at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source) at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source) at sun.plugin2.main.client.PluginMain.initManager(Unknown Source) at sun.plugin2.main.client.PluginMain.access$200(Unknown Source) at sun.plugin2.main.client.PluginMain$2.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: javax.net.ssl.SSLHandshakeException: Error signing certificate verify at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at sun.security.ssl.Handshaker.fatalSE(Unknown Source) at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source) at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at sun.security.ssl.Handshaker.processLoop(Unknown Source) at sun.security.ssl.Handshaker.process_record(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.AccessController.doPrivileged(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source) at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source) at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source) at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source) at com.sun.deploy.net.BasicHttpRequest.doGetRequest(Unknown Source) at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source) at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source) at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source) at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source) at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source) at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source) at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source) at sun.plugin2.main.client.PluginMain.initManager(Unknown Source) at sun.plugin2.main.client.PluginMain.access$200(Unknown Source) at sun.plugin2.main.client.PluginMain$2.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey at java.security.Signature$Delegate.chooseProvider(Unknown Source) at java.security.Signature$Delegate.engineInitSign(Unknown Source) at java.security.Signature.initSign(Unknown Source) at sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(Unknown Source) ... 35 more network: Connecting https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp with proxy=DIRECT network: Connecting http://xdc-fqq02.example.com:443/ with proxy=DIRECT security: Obtain certificate collection in SSL Root CA certificate store security: Obtain certificate collection in SSL Root CA certificate store security: Loading certificates from Deployment session certificate store security: Loaded certificates from Deployment session certificate store security: SHA-256Certificate finger print: F94D2C80A1172FC591F964D4DC0E8BAF493C92FE678B6B8B07D362607EBD33AB security: Checking if certificate is in Internet Explorer DISALLOWED certificate store security: SHA-256Certificate finger print: 0855414AF5F5FD7E264F8B002A39CCED67E5952E89B61B680CC847BAA34944DE security: Checking if certificate is in Internet Explorer DISALLOWED certificate store security: SHA-256Certificate finger print: 0AE1484292B20EE696D4593DBE46F91479F8DAD58FC057CFD52FA3FA8FB3CE4B security: Checking if certificate is in Internet Explorer DISALLOWED certificate store basic: JNLP2Manager.initialize(): JNLP not available: /cardtocloud/cardtocloud.jnlp basic: exception: null. java.lang.NullPointerException at sun.plugin2.applet.JNLP2Manager.getAppInfo(Unknown Source) at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Ignored exception: java.lang.NullPointerException basic: Dialog type is not candidate for embedding security: Reset deny session certificate store