Java 7

Problem with the forum? Let us know here

Java 7

Postby sgomez » Fri Aug 04, 2017 6:21 pm

We are having a problem with the Server application. To date the customer was using Java 6 and there were no issues. For different reasons, this client changed to Java 7 and this is where we started having problems running the application.
We are running Servoy 5.15 where we have our applications. The server specs. are:
• Windows Server 2008 R2 Standard
• 8 GB. Ram.
• Intel Xeon CPU E5-2690 v2 3.00 GHz Processor
• Java 6.
Application Server.
• Server Information
• Servoy version 5.2.15 -build 1028
• Port used by RMI Registry: 1099


When the application runs on the workstation we constantly receive a "Connection to Servoy Server is invalid" error. The Network configuration is set to "Direct Connect". This workstation has Java 7 installed.
The Workstation Specs. are:
• Windows 7 Profesional (x86)
• 4 Gb. Ram.
• Procesador Intel Core I-5 CPU @ 3.20 GHz 3.20 GHz
• Java version 7.
When we run the jnlp file our application shows the error "Connection to Servoy Server is invalid" and the Application Server shows the following error:
I/O exception, see log for full details: Received fatal alert: certificate_unknown 2017-08-03 15:08 SocketAccepter[4] ERROR com.servoy.j2db.util.Debug SocketAcceptor failure for socket: 819191[SSL_NULL_WITH_NULL_NULL: Socket[addr=/10.113.15.43,port=49273,localport=1099]]

This does not happen when we run the same jnlp file from a post with Java 6.

Regards.
sgomez
 
Posts: 1
Joined: Fri Aug 04, 2017 6:20 pm

Re: Java 7

Postby ROCLASI » Sun Aug 06, 2017 10:33 pm

Hi sgomez,

Oracle implemented a lot stricter security checks in Java 7 (and up). For instance it's almost impossible to use a self-signed certificate. Also expired certificates (SSL and Codesigning) are not allowed anymore.
Servoy 5.2.15 is pretty old (2012) and it's code signing cert is already expired (14 feb, 2015). On top of that Servoy's default SSL certificate has also expired on these old versions.
Both issues can be remedied by getting/using your own (not-selfsigned) certificates and re-codesign the whole installation and setup your own SSL certificate. That last part has always been best practice because the default SSL cert was only there for development/testing purposes. Using Servoy's default SSL certificate doesn't make your connection secure as the same certificate comes with every Servoy installer. Also your passwords in the servoy.properties are encrypted using your SSL certificate.

If you don't want to re-codesign your installation then I suggest you upgrade your installation and solution to (at least) version 7.4.10. Those have valid code signing and SSL certs. But again, you should always use your own SSL cert in production.

Hope this helps.
Robert Ivens
ROCLASI Software Solutions / JBS Group, Partner
SAN Developer / Servoy Valued Professional / Servoy Certified Developer
Twitter: @roclasi / @servoyforge
--
ServoyForge - Building Open Source Software.
PostgreSQL - The world's most advanced open source database.
User avatar
ROCLASI
Servoy Expert
 
Posts: 5230
Joined: Thu Oct 02, 2003 9:49 am
Location: Netherlands/Belgium


Return to Forum Support

Who is online

Users browsing this forum: No registered users and 1 guest

cron