Security Instructions for Oracle Java

Go to the applet

Simple instructions to securely run the applet

... and avoid security warnings with Oracle Java... well, most of the time :(.

IMPORTANT: When running the applet from the University of Arizona site, do not use https://..., i.e. always choose this link:

http://alamos.math.arizona.edu/~rychlik/JOde
The reason is that alamos has a self-signed server certificate and marekrychlik.com has a commercial server certificate.

Details of Oracle Java settings

Recent "security enhancements" in Oracle's implementation of Java flag all Java applets which are not electronically signed by a certificate issued by a commercial certificate authority as unsafe to run. Signing with a commercial certificate costs $$$ per year! In order to keep this Java applet (JOde) free of charge, the applet is signed with a self-signed certificate which you can inspect to check that the applet has not been tampered with. Oracle's implementation of Java does not allow a self-signed applet to run with the default security setting, which is set "High". The applet will run without problems, however, if the security level is lowered to "Medium". To change the security settings to "Medium", you should start Control Panel and use settings as shown:

Java Console security tab
Also, you can use the "Edit Site List" to add the JOde websites to "Exception Site List", but at the time of writing this setting seems to have no effect. Even with these settings, Oracle's implementation generates an annoying pop-up:
Oracle security warning pop-up

Linux users can alternatively use a free replacement for Oracle's Java plugin IcedTea, which can be configured so that it does not generate annoying security pop-ups.

 Go to the applet

Enjoy,

Marek Rychlik (rychlik@u.arizona.edu)