我有一个 Java 小程序,用于从用户的 PC 读取 SD 卡数据。该小程序位于您登录的网站上。要登录网站,您必须使用浏览器证书。登录后,您会转到 SD 卡下载页面,小程序会初始化、读取卡数据,并将其发送到页面上的一些 JavaScript。
我现在遇到的问题是,自从在我的浏览器上安装 Java 8 后,该小程序未加载。具体来说,它不适用于任何版本的 IE(已测试 8、9、10 和 11)。它在 Firefox 中运行良好。我没有尝试过 Chrome。
我还没有发现其他人有类似的问题。可能是因为它相对较新。有谁知道为什么会发生这种情况并且知道如何解决它?
在 IE8 的 Java 控制台中有一个看起来相关的堆栈跟踪。这里有一些有趣的片段:
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
...
Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey
...
com.sun.deploy.net.FailedDownloadException: Unable to load resource: https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp
编辑:这是一条额外的信息。该小程序在装有 OpenSSL 1.0.1i 的不同服务器上正常工作。该小程序不适用于具有 OpenSSL 1.0.0m 的原始服务器。
这是完整的日志。堆栈跟踪不会出现在 Firefox 的日志中。
Java Plug-in 11.25.2.18
Using JRE version 1.8.0_25-b18 Java HotSpot(TM) Client VM
User home directory = C:\Users\codyj
----------------------------------------------------
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
----------------------------------------------------
network: Created version ID: 1.8.0.25
network: Created version ID: 1.8
network: Created version ID: 8.0.25
network: Connecting https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp with proxy=DIRECT
network: Connecting http://xdc-fqq02.example.com:443/ with proxy=DIRECT
security: Loading SSL Root CA certificates from C:\Program Files (x86)\Java\jre1.8.0_25\lib\security\cacerts
security: Loaded SSL Root CA certificates from C:\Program Files (x86)\Java\jre1.8.0_25\lib\security\cacerts
security: Obtain certificate collection in SSL Root CA certificate store
security: Obtain certificate collection in SSL Root CA certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Internet Explorer ROOT certificate store
security: Loaded certificates from Internet Explorer ROOT certificate store
security: Loading certificates from Internet Explorer DISALLOWED certificate store
security: Loaded certificates from Internet Explorer DISALLOWED certificate store
security: Loaded blacklisted.certs file: C:\Users\codyj\AppData\LocalLow\Sun\Java\Deployment\security\blacklisted.certs
security: SHA-256Certificate finger print: F94D2C80A1172FC591F964D4DC0E8BAF493C92FE678B6B8B07D362607EBD33AB
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0855414AF5F5FD7E264F8B002A39CCED67E5952E89B61B680CC847BAA34944DE
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0AE1484292B20EE696D4593DBE46F91479F8DAD58FC057CFD52FA3FA8FB3CE4B
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: Checking if SSL certificate is in Deployment permanent certificate store
security: Loading certificates from Internet Explorer ROOT certificate store
security: Loaded certificates from Internet Explorer ROOT certificate store
security: Saving certificates in Deployment session certificate store
security: Saved certificates in Deployment session certificate store
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doGetRequestEX(Unknown Source)
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source)
at sun.plugin2.main.client.PluginMain.initManager(Unknown Source)
at sun.plugin2.main.client.PluginMain.access$200(Unknown Source)
at sun.plugin2.main.client.PluginMain$2.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey
at java.security.Signature$Delegate.chooseProvider(Unknown Source)
at java.security.Signature$Delegate.engineInitSign(Unknown Source)
at java.security.Signature.initSign(Unknown Source)
at sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(Unknown Source)
... 34 more
network: Connecting https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp with proxy=DIRECT
network: Connecting http://xdc-fqq02.example.com:443/ with proxy=DIRECT
security: Obtain certificate collection in SSL Root CA certificate store
security: Obtain certificate collection in SSL Root CA certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: SHA-256Certificate finger print: F94D2C80A1172FC591F964D4DC0E8BAF493C92FE678B6B8B07D362607EBD33AB
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0855414AF5F5FD7E264F8B002A39CCED67E5952E89B61B680CC847BAA34944DE
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0AE1484292B20EE696D4593DBE46F91479F8DAD58FC057CFD52FA3FA8FB3CE4B
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doGetRequest(Unknown Source)
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source)
at sun.plugin2.main.client.PluginMain.initManager(Unknown Source)
at sun.plugin2.main.client.PluginMain.access$200(Unknown Source)
at sun.plugin2.main.client.PluginMain$2.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey
at java.security.Signature$Delegate.chooseProvider(Unknown Source)
at java.security.Signature$Delegate.engineInitSign(Unknown Source)
at java.security.Signature.initSign(Unknown Source)
at sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(Unknown Source)
... 35 more
com.sun.deploy.net.FailedDownloadException: Unable to load resource: https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source)
at sun.plugin2.main.client.PluginMain.initManager(Unknown Source)
at sun.plugin2.main.client.PluginMain.access$200(Unknown Source)
at sun.plugin2.main.client.PluginMain$2.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by:
javax.net.ssl.SSLHandshakeException: Error signing certificate verify
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.access$200(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$9.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doGetRequest(Unknown Source)
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
at sun.plugin2.applet.JNLP2Manager.initialize(Unknown Source)
at sun.plugin2.main.client.PluginMain.initManager(Unknown Source)
at sun.plugin2.main.client.PluginMain.access$200(Unknown Source)
at sun.plugin2.main.client.PluginMain$2.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.InvalidKeyException: No installed provider supports this key: com.sun.deploy.security.MSCryptoRSAPrivateKey
at java.security.Signature$Delegate.chooseProvider(Unknown Source)
at java.security.Signature$Delegate.engineInitSign(Unknown Source)
at java.security.Signature.initSign(Unknown Source)
at sun.security.ssl.HandshakeMessage$CertificateVerify.<init>(Unknown Source)
... 35 more
network: Connecting https://xdc-fqq02.example.com/cardtocloud/cardtocloud.jnlp with proxy=DIRECT
network: Connecting http://xdc-fqq02.example.com:443/ with proxy=DIRECT
security: Obtain certificate collection in SSL Root CA certificate store
security: Obtain certificate collection in SSL Root CA certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: SHA-256Certificate finger print: F94D2C80A1172FC591F964D4DC0E8BAF493C92FE678B6B8B07D362607EBD33AB
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0855414AF5F5FD7E264F8B002A39CCED67E5952E89B61B680CC847BAA34944DE
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: 0AE1484292B20EE696D4593DBE46F91479F8DAD58FC057CFD52FA3FA8FB3CE4B
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
basic: JNLP2Manager.initialize(): JNLP not available: /cardtocloud/cardtocloud.jnlp
basic: exception: null.
java.lang.NullPointerException
at sun.plugin2.applet.JNLP2Manager.getAppInfo(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Ignored exception: java.lang.NullPointerException
basic: Dialog type is not candidate for embedding
security: Reset deny session certificate store
最佳答案
您是否尝试过在 Java 控制台中关闭“TLS 1.2”?
Java8 似乎默认使用 TLS 1.2,因此如果您的服务器不支持它,您可能会遇到与您提到的相同的错误。
https://blogs.oracle.com/java-platform-group/entry/java_8_will_use_tls
关于Java 8 升级后,Java applet 无法在 IE 中加载,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26392664/