(this question has been posted on java , mac forums beginning 3 days ago, have not received helpful information date.)
hello,
have developed website archive privately distributed stand alone archive run locally on user's computer (no server). uses lucene search engine (java) search archive; search api/applet packaged in jar file , jarfile/applet self-signed.
in order search, self-signed certificate created search applet, since files in archive searching on user's hard drive. after initial installation of archive, , upon first search initiated, security window pops asking user permission user run applet.
problem lies here:
windows , versions of mac os x prior 10.7 (lion), user can check "always trust" (or similar), , on, subsequent searches carried out without prompting user accept certificate (even after restarting browser application)
however, on lion, user can run applet once, , continue security prompt on every search afterwards, though "always trust" checked.
behaviour occurs whether using firefox or safari, apparent system related, not browser issue.
attempted manually import certificate both keychain access, , authorities under firefox's certificate manager (see http://www.clintharris.net/2009/self-signed-certificates/). not successful.
possibilities have considered are:
there no publisher name self-signed cert. on previous versions of os x, security window states signer's name, , option view certificate. user can check "always trust these certificates". on lion, security window states publisher's name, comes "unknown". analogous "always" checkbox states, "always trust content publisher". appears pre-lion allowing option trust particular certificate, whereas lion allowing option trust publisher.
there way create publisher name when self-signing?
far importing certificate, because archive local (url = file://) won't recognize it? know why doesn't work?
know happening here, or can suggest work-around (besides paying "trusted" ca). worked hunky-dory -- until lion...
seems me user should have option of choosing whether trust certificate or not. 1 need have verisign's stamp of approval trust he's known , worked 20 years?
in opinion seems bug in lion; is, user can choose 1 time accept certificate, there no option accept in future.
thank kindly,
allasso travesser
i have observed if attempt load applet webserver, different security prompt appears, giving option accept content particular site, or if go advanced options, can choose accept content same signature. when this, behaves desired.
appears problem reveals when applet located on local filesystem. not know why such distinction should made.
allasso
Forums Macs macOS Older OS X Versions Mac OS X Lion (10.7)
- iPhone
- Mac OS & System Software
- iPad
- Apple Watch
- Notebooks
- iTunes
- Apple ID
- iCloud
- Desktop Computers
- Apple Music
- Professional Applications
- iPod
- iWork
- Apple TV
- iLife
- Wireless
No comments:
Post a Comment