|
Bugzilla – Full Text Bug Listing |
| Summary: | javaws (OpenJDK) cannot start Cisco JNLP file with self signed certificate | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE 12.2 | Reporter: | Forgotten User xRcrmyYBVX <forgotten_xRcrmyYBVX> |
| Component: | Java | Assignee: | Michal Vyskocil <mvyskocil> |
| Status: | RESOLVED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | ||
| Version: | Final | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| Whiteboard: | maint:running:49994:moderate maint:released:sle11-sp2:50026 | ||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Bug Depends on: | |||
| Bug Blocks: | 787846 | ||
There is a patched icedtea-web aims to fix this issue https://build.opensuse.org/package/show?package=icedtea-web&project=home%3Abran0k%3Abranches%3AopenSUSE%3A12.2%3AUpdate would you be so kind and test it? Hello,
I can confirm that the packages from above repository fix the original problem with the self signed certificate in the JNLP file!
Unfortunately, the Cisco ASDM application does not run correctly after starting, either it:
1) hangs during download of JAR files and gives an error "netx: Initialization Error: Could not initialize application. (Fatal: Application Error: Unknown Main-Class. Could not determine the main class for this application."
2) hands during first start of UI, after successful login and software download.
3) hangs during consecutive starts after successful login and loading of cached software with the following message: "java.lang.ClassNotFoundException: com.sun.deploy.util.Trace
at net.sourceforge.jnlp.runtime.JNLPClassLoader.loadClass(JNLPClassLoader.java:1609)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:186)
at com.cisco.launcher.i.a(Unknown Source)
at com.cisco.launcher.i.if(Unknown Source)
at com.cisco.launcher.i.a(Unknown Source)
at com.cisco.launcher.s.if(Unknown Source)
at com.cisco.launcher.Launcher.main(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:594)
at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:889)"
I have an "strace" logfile available for the case 3 problem...
Thus, original Oracle Java needs to be installed to run this application for now.
Ok, it looks like these problems are due to Cisco not supporting Java7 so far, see: https://supportforums.cisco.com/thread/2174133 or http://www.bigsoft.co.uk/blog/index.php/2012/08/31/cisco-asdm-5-2-for-asa-classcastexception-x509trustmanagerimpl-to-x509extendedtrustmanager Hence, the original problem is solved! The self-signed issue has been added to icedtea-web 1.3.1 - an update is handled in bnc#787846. This is an autogenerated message for OBS integration: This bug (785333) was mentioned in https://build.opensuse.org/request/show/141112 https://build.opensuse.org/request/show/141113 This is an autogenerated message for OBS integration: This bug (785333) was mentioned in https://build.opensuse.org/request/show/141254 Update released for: icedtea-web, icedtea-web-debuginfo, icedtea-web-debugsource, icedtea-web-javadoc Products: SLE-DEBUGINFO 11-SP2 (i386, x86_64) SLE-DESKTOP 11-SP2 (i386, x86_64) openSUSE-SU-2012:1524-1: An update that solves one vulnerability and has three fixes is now available. Category: security (moderate) Bug References: 784859,785333,786775,787846 CVE References: CVE-2012-4540 Sources used: openSUSE 12.2 (src): icedtea-web-1.3.1-1.9.1 openSUSE 12.1 (src): icedtea-web-1.3.1-17.1 This is an autogenerated message for OBS integration: This bug (785333) was mentioned in https://build.opensuse.org/request/show/142728 Evergreen:11.2 / icedtea-web This is an autogenerated message for OBS integration: This bug (785333) was mentioned in https://build.opensuse.org/request/show/142995 Evergreen:11.2 / icedtea-web released, fixed |
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20100101 Firefox/16.0 Using Java Webstart from OpenJDK 1.7 to start a Cisco JNLP file results in: # javaws -verbose asdm.jnlp -------- netx: Read Error: Could not read or parse the JNLP file. (java.security.cert.CertificateException: No subject alternative names present) net.sourceforge.jnlp.LaunchException: Fatal: Read Error: Could not read or parse the JNLP file. at net.sourceforge.jnlp.Launcher.fromUrl(Launcher.java:491) at net.sourceforge.jnlp.Launcher.launch(Launcher.java:283) at net.sourceforge.jnlp.runtime.Boot.run(Boot.java:202) at net.sourceforge.jnlp.runtime.Boot.run(Boot.java:51) at java.security.AccessController.doPrivileged(Native Method) at net.sourceforge.jnlp.runtime.Boot.main(Boot.java:168) Caused by: java.io.IOException: java.security.cert.CertificateException: No subject alternative names present at net.sourceforge.jnlp.JNLPFile.openURL(JNLPFile.java:284) at net.sourceforge.jnlp.JNLPFile.<init>(JNLPFile.java:214) at net.sourceforge.jnlp.JNLPFile.<init>(JNLPFile.java:190) at net.sourceforge.jnlp.JNLPFile.<init>(JNLPFile.java:175) at net.sourceforge.jnlp.JNLPFile.<init>(JNLPFile.java:161) at net.sourceforge.jnlp.Launcher.fromUrl(Launcher.java:477) ... 5 more -------- Oracle JDK 1.7 does not exhibit this problem and starts the JNLP file normally Reproducible: Always Steps to Reproduce: 1. Use a jnlp file with self signed certificate 2. javaws <file>.jnlp Actual Results: Fails with error Expected Results: Should at least start and prompt on what to do about the self signed cert