Open scop opened 7 years ago
scop
commented
7 years ago From the error message: "Your security settings have blocked a self-signed application from running"
Portecle's webstart files are self signed, sure. I don't know if/when something will be done about that, but in the meantime, it would be useful to know more details about the setup where this error occurs.
Original comment by: scop
scop
commented
7 years ago If you run JDK 8 update 102, you will discover that the lowest security level is "high". An earlier version removed the ability to run self-signed certificates. The only way to fix this moving forward is to pay for an official SSL certificate. On last check, these cost $9 a year.
Original comment by: cowwoc
scop
commented
7 years ago But the error message is about a self-signed application. An SSL certificate will not change the signedness of the app (jar, jnlp files etc). Or do you mean that it could be ok per the security settings if these same self-signed application files were served over a https connection that has a proper non-self-signed certificate (which are BTW available for free from e.g. letsencrypt.org)?
FWIW I run openjdk 1.8.0_102-b14 on Linux and see no such errors. But the web start implementation in use here is probably quite different from the one included with the Oracle non-openjdk java, maybe that's why.
Original comment by: scop
scop
commented
7 years ago Sorry. Apparently you need a code certificate from a CA that is trusted by the JRE. See http://stackoverflow.com/a/19485007/14731 for more details. Unfortunately, these are more expensive than SSL certificates but they are still not so bad: https://aboutssl.org/compare-code-signing-certificates
Original comment by: cowwoc
scop
commented
7 years ago http://stackoverflow.com/a/3662170/14731 mentions that Certum provides certificates for open-source projects for 19 euros. That is by far the best price I've seen so far.
Original comment by: cowwoc
scop
commented
7 years ago 14€ nowadays (per year) it seems. Until (or actually if, no promises!) this is resolved somehow within Portecle, I suppose adding the JNLP file to the exception site list would serve as a workaround that users can apply. Could you try it out and report back?
http://docs.oracle.com/javase/8/docs/technotes/guides/deploy/exception_site_list.html
Original comment by: scop
scop
commented
7 years ago Confirmed. The exception list works.
Original comment by: cowwoc
scop
commented
7 years ago Thanks, info added to homepage.
Original comment by: scop
When I attempt to run the JNLP file found on the portecle website I get a security error that prevents it from running: http://portecle.sourceforge.net/
Reported by: cowwoc