posted by stephenkca (Stephen K CA) on 12/13 at 02:53
Oh no! I love the Java client and keep a Win7 system running with old IE so I can use it.
It just returned "Application Blocked for Security". "Failed to validate certificate. The application will not be executed."
Here's the chain. Hope this can be resolved. Turn on the Donation link and I'll throw in a share to fund it :-).
java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: OCSP response error: MALFORMED_REQUEST at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source) at com.sun.deploy.security.RevocationChecker.check(Unknown Source) at com.sun.deploy.security.TrustDecider.checkRevocationStatus(Unknown Source) at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source) at com.sun.deploy.security.SandboxSecurity.checkSignedSandboxSecurity(Unknown Source) at com.sun.deploy.security.SandboxSecurity.isPermissionGranted(Unknown Source) at com.sun.deploy.security.SandboxSecurity.isPermissionGranted(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.getPermissions(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader.getPermissions(Unknown Source) at java.security.SecureClassLoader.getProtectionDomain(Unknown Source) at java.security.SecureClassLoader.defineClass(Unknown Source) at java.net.URLClassLoader.defineClass(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.defineClassHelper(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.access$100(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source) at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source) at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Suppressed: com.sun.deploy.security.RevocationChecker$StatusUnknownException at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source) ... 31 more Caused by: java.security.cert.CertPathValidatorException: OCSP response error: MALFORMED_REQUEST at sun.security.provider.certpath.OCSPResponse.verify(Unknown Source) at sun.security.provider.certpath.OCSP.check(Unknown Source) at sun.security.provider.certpath.OCSP.check(Unknown Source) at com.sun.deploy.security.RevocationChecker$2.run(Unknown Source) at com.sun.deploy.security.RevocationChecker$2.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at com.sun.deploy.security.RevocationChecker.doPrivilegedOCSPCheck(Unknown Source) ... 32 more
Re: Failed to validate certificate error, Java
Message #24347 Replies: 1
posted by stephenkca (Stephen K CA) on 12/18 at 16:35
Update -- the day after I posted this I switched back and it worked for the whole day. Yesterday it stopped working and I switched to the non-Java client. This morning Java is working again, for me, but apparently not for LadyRebel. Feels like it must be some problem with whatever it is that forms the request passed to the security processing. Maybe the last Java client update broke something. The inconsistency is rather strange and feels like it could be on the server side.
I was very surprised to learn by chance about a month ago that there are still players using the Java version, since it's been a decade since browsers stopped supporting doing it.
Nothing's changed on the server side (for years), so it does sound like the Java update broke it. That's not surprising, but it's unfortunate. :-(
Sadly, unless you can keep a system preserved in aspic and never update anything (and therefore never use it for anything else, it would be massively unsafe), this sort of thing is going to happen and make the old Java stuff unusable. And of course, the vast majority of people can't do that. (I don't, for instance; I just use the HTML games, despite their issues [you can't accept a draw -- making Chess and Checkers really problematic -- and in Backgammon it's important to use the Roll button instead of clicking the dice to roll, because otherwise it can mess up the move it thinks you're making)].)
Wendy and I are working on a modern replacement (more actively now than ever before), but it'll be months before it's ready for anyone to use.
-- T.J.
Re: Failed to validate certificate error, Java
Message #24364 Replies: 0
posted by stephenkca (Stephen K CA) on 01/03 at 15:59
Preserved in aspic? :-) Not quite, but this particular old system I do retain IE, which I use exclusively for running the Java client for Pocket-Monkey. The Java client does a better job of scrolling back through turns. I guess I shouldn't have accepted its offer to upgrade a couple months back. But it is kind of weird that sometimes it works and sometimes it doesn't. That feels like a server-side inconsistency to me. Though I guess P-M is effectively also preserved in aspic. (Now that you've gotten me onto this line of thought I'm going to have to listen to Larks Tongues In Aspic today.)
Still looking forward to that modern replacement whenever it sees light of day!
Forum
software by
Crowder Software Pocket-Monkey and the Pocket-Monkey logo are trademarks of T.J. Crowder and Jock Murphy. All other trademarks are the property of their respective owners.
