本文解决了一个客户遇到的问题:在尝试连接Brocade FC交换机的管理界面时,Java Applet未启动,显示“证书验证失败,应用程序无法执行”的错误。文章详细分析了证书问题,指出使用了不被Java默认支持的MD2签名算法和小于1024位的RSA密钥,这些被认为是不安全的。提供了禁用Java检查的方法,即修改java.security文件中的设置。
Hi,
last week a customer had the problem that he wants to connect to the administration interface of a Brocade FC Switch but the Java Applet did not start. This error message was shown: “Failed to validate certificate. The application will not be executed”
Failed to validate certificate. The application will not be executed
A detailed look into the certificate shows that a signature algorithm MD2withRSA was used to create it.
Java Certificate error
Java certificate details
MD2 is disabled in java by default also a RSA key with less then 1024bits. Because these are no longer considered as secure and therefore java reject such certificates.
You can disable this check, because you have start the applet to access your FC Switch. Locate the file java.security in the lib/security folder of your java installation and comment the following[注释掉下面一行,同时在javacontrol中增加例外]:
# jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
The applet should start now but for security reasons it is recommended to reverse this change if it is no longer needed.
Michael
扫一扫
3871
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
