Hi
I finally discovered what is the issue here. In appears that in case
of unsigned applets, the code is unable to access SunJCE provider
which contains most of the ciphers used by SSL protocol. This means
that a session with SSL server is broken and effectively applet is not
initialised.
So nothing to do with JSS, unless it requires SunJCE.
This problem is related to configuration of JRE under linux due to
export control restrictions. Unfortunately I don't know how to make
JRE to use SunJCE by default.
As a workaround I have set up the following policies using Policy
Manager:
grant {
permission java.security.SecurityPermission
"putProviderProperty.SunJCE";
};
grant {
permission java.lang.RuntimePermission "getProtectionDomain";
};
grant {
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.*";
};
I don't know how insecure my actions are, but this definitely fixed
problems with applets under SSL / HTTPS.
Feel free to send me your ideas how to fix this issue in more elegant
way.
Best,
Marcin
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
