Java Applets – Application/Publisher Show ‘Unknown’ for Signed Applet On Javascript->Java Calls

Our product is running into an issue specific to Java 8. Java 6/7 runs fine.

We have a package of Java applets that multiple customers use, so the domain this package is deployed to is always different. The package is properly signed with the certificate from Verisign.

When the end user launches a page in the browser, the expected dialog with our application name and publisher appears, and asks the end user to accept the security warning. The end user accepts and clicks ‘Do not ask again’ and the page runs fine.

The trouble starts with pages that make Javascript calls into the Java applets. The behavior appears to be random. New security popups appear, asking the end user to accept the certificate again. My understanding is that once the user selects the certificate initially, this should not happen again. Yet it does.

Then also sometimes the popup appears with the application name and publisher set to UNKNOWN. There does not seem to be any reason for this, the applet package is confirmed to be signed correctly and with a valid certificate from Verisign. Yet, it occurs.

I recognize the initial popup is unavoidable but all of these downstream popups, especially those where the application/publisher are UNKNOWN don’t make sense to me, and I’m not sure how to debug this further. The java console trace logs do not clearly show any more details.

Any ideas? Please feel free to ask me more detail if there is something here unclear.

Source: stackoverflow-javascript