Workaround for secure Java applet problems

May 25, '02 10:12:02AM

Contributed by: xTina

Some java applets on secure sites (online banking for example) won't work on OS X. This affects both Internet Explorer and Mozilla (with MRJ Plugin). Other browsers using the Java implementation on OS X are probably similarly affected.

The browser's status bar will show an "applet not initialized" message, and the Java console will tell you that a javax.net.ssl.SSLException is thrown. This may be caused by a bug known to Apple - the Java implementation has trouble with certain SSL certificates. Until Apple fixes this problem, they suggest a fairly simple workaround (unfortunately, you will need a Windows version of Internet Explorer for this):

  1. Access the problematic site with Internet Explorer on Windows. Click on the padlock item and export the certificate to a file.

  2. Copy the certificate to your Mac.

  3. Use the command
    sudo keytool -import -trustcacerts -keystore[space]
    /Library/Java/Home/lib/security/cacerts -file mycert.cer
    to import the certificate file to your keystore (substitute mycert.cer with the name of the file containing the certificate). Note that the above command is shown on two lines; replace [space] with an actual space character and enter the command as one line. The keystore is password protected - the default password is "changeit".

  4. Restart your browser and enjoy!
[Editor's note: Anyone out there have a Java site they have trouble accessing? Does this fix work? I don't have any sites that I can use here to test it with.]

Comments (10)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20020525101202503