Unable To Launch Legacy Java Applications With Java 7.x Installed
ISSUE
You are unable to launch older Java applications with Java 7 Update 45 or higher installed. Java application may show “Application Blocked For Security” message box in web browser with text similar to “Failed To Validate Certificate. The Application Will Not Be Executed. Publisher: v7.x.xx”
APPLIES TO
Java 7 Update 45 and higher.
CAUSE
Enhanced security in Java 7u45 and higher causes legacy Java applications to not load as expected due to certificate requirements not being met.
RESOLUTION
The fix for this issue may only require step 1 or may require both steps 1 and 2. This depends on the application you are launching and whether or not it is using an older SSL certificate. Follow the directions below to resolve:
STEP 1: Lower security settings in the Java Control Panel.
- Go to the “Control Panel” on your Windows machine.
- Find the “Java (32 bit)” control panel and open it.
- Click the ‘Security’ tab and lower the slider from the default (high) to the new (medium) setting.
- Hit ‘OK’ to make changes take effect.
- Close your web browser and try your application(s) again.
This will allow most applications to run as they did on previous versions of Java. If you still cannot access your Java based software, such as on older Cisco switches or Brocade switches, follow STEP 2 below. Otherwise you are done!
STEP 2: Modify the Java.Security file to allow lower encryption execute rights.
Choose your method of attack. You can manually modify the file on your hard drive with a text editor, such as Notepad or Wordpad -OR- you can download the attachment on this post (java.security) and copy to your java folder, overwriting the current local copy. See directions below.
MANUAL STEPS:
- Modify the java.security file manually : Open c:\program files (on x86 machines) or c:\program files (x86) on 64-bit machines.
- Open the ‘Java’ folder
- Open the ‘jre7′ folder
- Open the ‘lib’ folder
- Open the ‘security’ folder
- Double-click on the file called java or java.security – you will need to tell it to open with a program, choose NOTEPAD or WORDPAD from the list.
- Once the file is open and you can see the text, find the following line : “jdk.certpath.disabledAlgorithms=MD2, RSA keySize <“. You will notice that this line has a value of 1024 by default on Java 7 update 45 and higher. This line must be modified to allow older weaker secured applications to run. The recommended value to change this line to is 256. Once you have replaced 1024 with 256, you can save the file and close the folder(s).
LESS MANUAL STEPS:
- You can alternately download the java.security.zip file on this post (java.security)
- Extract the java.security file from the downloaded .zip file.
- Copy the extracted java.security file to: c:\program files\java\jre7\lib\security (on x86 machines) or c:\program files (x86)\java\jre7\lib\security (on x64 machines).
- You will choose to overwrite the existing file when prompted.
- You can then close everything out and retry your application(s).
HOW TO USE
The results after successfully running STEP 2 should show a different message when your previously unworking application starts.
Notice now, you have the option to ‘RUN’ the application where as before you had no options. You can check the ‘do not show this again’ message selection box to quietly run that application again in the future.
CONCLUSION
The is a fix for the version of Java currently installed on your system. This file MAY GET REPLACED the next time java updates itself, which seems to happen more frequently than most of us care for! Just be advised, if the update replaces this modified file from STEP 2, you can easily repeat the steps above to correct it again. STEP 1 usually sticks even after updates (so far).
DISCLAIMER
Use of this fix has proven helpful to many, however, DNS Texas is not responsible for any issues that may arise. Use at your own risk.