On 02/01/2014 10:30 AM, J. Roeleveld wrote: > On Sat, February 1, 2014 16:59, walt wrote: >> I admit that Oracle finally did something right by requiring a white-list >> of all java websites you want to use, but it's taken me all morning to >> understand how to do it. >> >> AFAICT, the only way to white-list a website is to use the Java Control >> Panel (jcontrol) and type the full URL including the http:// or preferably >> the https:// if you don't want a nag screen. >> >> For example, here's a site I visit every morning: >> >> http://www.goes.noaa.gov/goes-w.html which lets me watch a java-powered >> image loop of the weather over the Pacific Ocean. >> >> Now I click on the button to animate the image, and I get a pop-up saying >> that this untrusted website wants to do something awful and refuses to let >> it run java, period. No explanation of how I can 'trust' the website. >> >> How many people are going to figure out they need to run the Java Control >> Panel and manually add this site to the list of trusted sites? >> >> And, now that I've added "http://www.goes.noaa.gov" manually, I try the >> site again. >> >> Nope. The jar file I need is on a "different domain" (www.sdd.noaa.gov) >> so now I need to add that URL to the white list <sigh> including http:// >> >> Now, I agree that they did it right from a security point of view, but >> jeez, they could have done the user interface a bit better. >> >> Or maybe they did it better and I haven't found it yet? > > If there is a better way, please let me know. > > The IPMI of my servers use a Java application to allow me to see the console. > The errors I got have included: > - You are using an old version, please upgrade > - This site is untrusted / certificate is wrong > - This java application is blocked > > The last one led me to a page actually showing me how to "fix" this. > > An easier way then to use the silly jconsole might be found in the > following location: > > ~/.java/deployment/security/
WTF? No XML? ;) > > HTH, Very much, thanks. > PS. If anyone knows how to get an SSL-certificate that is accepted by > this, please let me know. I don't think I understand the question. jconsole has a button marked "Manage Certificates", that's not what you want?