We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

How to configure JSS 4 with Firefox 21.0 to to use with HTTPS client authentication? It´s supposed that JSS allows an applet to access Mozilla user´s cert

  • 2 respostas
  • 6 have this problem
  • 10 views
  • Last reply by arindaml

more options

We are trying to use HTTPS client certificate based authentication to access a Java Applet in Firefox v21.0. We have followed the instructions as per the below two urls to enable JSS 4 -

https://developer.mozilla.org/en-US/docs/JSS/Using_JSS
http://docs.oracle.com/javase/6/docs/technotes/guides/deployment/deployment-guide/keystores.html
http://download.java.net/jdk8/docs/technotes/guides/deployment/deployment-guide/keystores.html

We are using JRE version 1.7.0_25-b16 Java HotSpot(TM) Client VM in Firefox v21 but we are getting -
security: Accessing keys and certificate in Mozilla user profile: null
security: JSS is not configured

followed by SSK handshake failure when trying to load the client certificate.

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
 at sun.security.ssl.Alerts.getSSLException(Unknown Source)
 at sun.security.ssl.Alerts.getSSLException(Unknown Source)
 at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
 at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
 at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
 at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
 at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
 at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
 at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
 at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
 at sun.plugin.PluginURLJarFileCallBack.connect(Unknown Source)
 at sun.plugin.PluginURLJarFileCallBack.retrieve(Unknown Source)
 at sun.net.www.protocol.jar.URLJarFile.retrieve(Unknown Source)
 at sun.net.www.protocol.jar.URLJarFile.getJarFile(Unknown Source)
 at sun.net.www.protocol.jar.JarFileFactory.get(Unknown Source)
 at sun.net.www.protocol.jar.JarURLConnection.connect(Unknown Source)
 at sun.plugin.net.protocol.jar.CachedJarURLConnection.connect(Unknown Source)
 at sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFileInternal(Unknown Source)
 at sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFile(Unknown Source)
 at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
 at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source)
 at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
 at java.security.AccessController.doPrivileged(Native Method)
 at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)
 at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source)
 at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source)
 at java.security.AccessController.doPrivileged(Native Method)
 at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
 at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
 at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
 at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
 at java.security.AccessController.doPrivileged(Native Method)
 at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
 at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
 at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
 at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
 at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
 at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
 at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
 at java.lang.ClassLoader.loadClass(Unknown Source)
 at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
 at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
 at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
 at java.lang.Thread.run(Unknown Source)

The client cert based authentication is working when using IE v8 and IE v9 with the same JRE version (JRE version 1.7.0_25-b16 Java HotSpot(TM) Client VM)

Any help to resolve this issue will be very much appreciated.

We are trying to use HTTPS client certificate based authentication to access a Java Applet in Firefox v21.0. We have followed the instructions as per the below two urls to enable JSS 4 - https://developer.mozilla.org/en-US/docs/JSS/Using_JSS<br /> http://docs.oracle.com/javase/6/docs/technotes/guides/deployment/deployment-guide/keystores.html<br /> http://download.java.net/jdk8/docs/technotes/guides/deployment/deployment-guide/keystores.html We are using JRE version 1.7.0_25-b16 Java HotSpot(TM) Client VM in Firefox v21 but we are getting - <br /> security: Accessing keys and certificate in Mozilla user profile: null<br /> security: JSS is not configured followed by SSK handshake failure when trying to load the client certificate. <pre><nowiki>javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source) at sun.plugin.PluginURLJarFileCallBack.connect(Unknown Source) at sun.plugin.PluginURLJarFileCallBack.retrieve(Unknown Source) at sun.net.www.protocol.jar.URLJarFile.retrieve(Unknown Source) at sun.net.www.protocol.jar.URLJarFile.getJarFile(Unknown Source) at sun.net.www.protocol.jar.JarFileFactory.get(Unknown Source) at sun.net.www.protocol.jar.JarURLConnection.connect(Unknown Source) at sun.plugin.net.protocol.jar.CachedJarURLConnection.connect(Unknown Source) at sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFileInternal(Unknown Source) at sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFile(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source) at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source) at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source) at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source) at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source) at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source) at java.lang.Thread.run(Unknown Source)</nowiki></pre> The client cert based authentication is working when using IE v8 and IE v9 with the same JRE version (JRE version 1.7.0_25-b16 Java HotSpot(TM) Client VM) Any help to resolve this issue will be very much appreciated.

cor-el modificouno o

All Replies (2)

more options

Hi,

Did you add your client certificate(.pfx) into Firefox Certificate Store/Manager? Google Chrome and IE use the same Certificate Store. Firefox use it's own. File ->Options->Advanced->View Certificates.

ktest modificouno o

more options

Thank you for your response. Yes we have added the client certificate file (.pfx) in the Firefox browser Certificate manager / Store. It's also showing the certificate in the View Certificate window. We could not resolve it yet.