Hi Folks, I'd really appreciate if someone can help me solve this one.
Short Description:In my
J2EE application I have SSL turned on and also "client authentication required" is turned on as well. The client side certificate is installed(imported into) the browser. Now the application works fine until I try to
test a page that has an
applet embedded. When this page comes the JVM(I am assuming its JVM) shows up a list of certificates to choose from. The list contains only one certificate and based on the browser option it should have skipped the dialog box. It only happens once per session but is annoying to the user and unacceptable ui behaviour.
Details:
The application is typical J2EE running on IBM HttpServer(1.36) & Websphere Application Server(WAS 5.12)combination. The Client JRE version is Version 1.5.0 (build 1.5.0_01-b08), the latest.When I used the JRE 1.42 then the applet didnt load at all(error on the server said client certificate not sent).The certificates is self signed The JRE plugin's Control panel's Advanced tab has an option called "Use certificate and keys from browser keystore". This is turned ON.
I have tried turning the above off and importing the certificate into the Java plugin itself, same result. The browser has an option(Tools-->Internet Options-->Security-->Pick appropriate zone-->Miscellaneous-->Don't prompt for client certificate when no certificate or only one certificate. This is enabled. Disabled causes certificate selection dialog even for normal non applet pages. [ February 03, 2005: Message edited by: santosh kulkarni ]