I read on the web that Java version 7u51 (to be released in January 2014) will no longer accept Java Webstart applications that are self-signed by me.
Is that true?
In case it is true, do I have any chance to build a workaround for my JNLP application, so that I am able to start the application even after January 2014?
I have seen that the option to suppress the security warnings because of the usage of a self-signed certificate was removed in 7u40.
Oracle has announced that Java Applet and WebStart functionality, including the Applet API, The Java plug-in, the Java Applet Viewer, JNLP and Java Web Start (containing the javaws tool) are all deprecated in JDK 9 and will be removed in a future release.
Yes, this is true. This blog entry from Oracle has the details.
As I understand it, you have three options for continuing to work:
See also my question about obtaining pre-release versions of these updates to test with.
Oracle just announced that a new feature called the Exception Site List will be available in 7u51.
If it means what I think it means, then in-house-only apps who are currently self-signing their jars can simply ask their users to whitelist the app without the user having to do anything "complicated" for an end user, like importing a cert (for example).
UPDATE:
Java 7u51 was just released, and I can confirm that the Exception Site List solution works quite easily. Just go to Java Control Panel -> Security -> Edit Site List, and add the URL of the self-signed JNLP app to the list of Locations.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With