4 Replies Latest reply on Jan 9, 2016 8:45 PM by Hayton

    java blocked and digital certificates

    tamarask

      I am having an issue with Java Control Panel related to digital certificates.

       

       

      I have already taken all of the measures that I had to related to fixing Java and browsers with my local support.

       

       

      In this link http://www.java.com/en/download/help/appsecuritydialogs.xml in the last dialog where it says: Application blocked for security, comes up when I try to log on the cites where digital certificates are used.

       

       

      Also in Java Control Panel in the Security - Manage certificates I get the ERROR application, GENERAL exception: EOFException: null

       

       

      I was wondering if this maybe  an issue with the Mcaffee security.

       

       

      And if so what can I do next

       

       

       

       

      Thanks in advance

        • 1. Re: java blocked and digital certificates
          Peter M

          Moved this to Consumer > General.

          Probably more to do with your browser settings or the browser you are using, if it's Chrome or Windows 10 Edge, then that sort of thing often occurs.   Try a different browser..

          Java issues are easy to fix, simply uninstall it and then reinstall the latest version and leave it at default settings.

          • 2. Re: java blocked and digital certificates
            tamarask

            The thing is that I did the reinstall and all required settings, and tried from different browsers but the problem is still unsolved. The main issue is that digital certificates are blocked. I am using Firefox and Explorer.

            • 3. Re: java blocked and digital certificates
              Peter M

              I have no idea in that case.    Java Support; java.com Support Options might be a good place to ask, or you can try McAfee/Intel Technical Support, it's free of charge:  Contact Support

               

              I think this is probably easier answered by a forum dedicated to whatever operating system you are using, what is it and then I can maybe recommend one?

              • 4. Re: java blocked and digital certificates
                Hayton

                Below is the Java warning message referred to by tamarask. The meaning of the message is quite clear : the website is attempting to run Java code that is signed with a self-signed certificate, not with a certificate issued by a trusted CA.

                 

                Java warning dialog.PNG

                 

                Java 7 Update 21 introduced changes to the Java browser plug-in behavior that enable you to make more informed decisions before running the Java applet in the browser. A security prompt asks for confirmation before allowing Java content to run in the browser.

                 


                The messages presented depends upon different risk factors, such as ... running applet code that is not signed from a trusted Certificate Authority.

                 

                Self-signed application (Certificate not from trusted authority)

                An application with self-signed certificate is blocked by default. Applications of this type present the highest level of risk because publisher is not identified and the application may be granted access to personal data on your computer.

                The application that you are running is blocked because the application does not comply with security guidelines implemented in Java 7 Update 51.

                Contact the developer or publisher of this application and let them know about the application being blocked.

                 

                If the code is absolutely trusted then this warning can be over-ridden by adding the URL of the application to the Exception Sites List of the Java Control Panel. It is not advisable to do this unless the origin of the applet code is known and trusted.

                 

                https://www.java.com/en/download/help/java_blocked.xml


                Java warning workaqround.PNG


                This is Oracle's doing, not McAfee's. It's been implemented as a basic security measure, and with good reason. Self-signed code is high-risk, and is possibly malicious. In a case like this, it's best to give the website owners a chance to rectify the situation by notifying them that their Java code is being blocked; in the meantime only allow the code to run if it's absolutely trusted.