2019 Expiring Java Client certificates
Article ID: 115724
Updated On:
Products
Issue/Introduction
What happens if my Java certificates are expired?
Environment
Component:
Resolution
A future release of Applications Manager version 9 still under maintenance will include new Java certificates with updated validity period.
Applications Manager 9.3 is not affected and does not need a new Java certificate.
Applications Manager version 8 has been out of support since March, 2018 so it will not be not be receiving a renewal to it's Java Certificates.
Additional Information
Workaround 1:
Use Java 7 update 45 or lower since these versions do not include Java certificate checking.
Workaround 2:
Add the Java Web Client's Apache URL to Java's exception site list by opening Java control panel's security tab.
<Please see attached file for image>
Edit Site List, choose Add and enter in the Java Web Client's Apache URL. The Apache URL for the Java Web Client is URL to Launch the Web Client but excluding all characters after the Apache Port. In this example, the client URL is "http://172.16.148.162:80/PHMAM8/Intro.html", so the Apache URL is "http://172.16.148.162:80". Select Continue to accept the risk.
<Please see attached file for image>
Confirm that the URL is listed in the Exception Site List as seen below.
<Please see attached file for image>
Select Apply/OK.
Later versions of Java require an additional setting. If adding the URL to the exception site does not work, select the Advanced Tab of the Java Control Panel and change the option "Check for TLS certificate revocation using" from "Both CRLs and OCSP" to "Certificate Revocation Lists". Please consult with your OS admin regarding these settings if required.
Attachments
Feedback
