Rewrite profile and JavaPatcher settings question about signed Java applets
I am trying to use a Signed Java applet, that is signed with a code signing certificate. In the Portal Access Link I use this Java Applet. My goal is to not receive a Java error saying this applet is signed by an unknown resource. In the Rewrite profile I am using for my Virtual Server. I can only get this to work if I set the Trusted Certificate Authorities to /Common/ca-bundle.crt Then using the Signer and Signing Key as the Java Code signing certificate already used to sign the applet. However this is a problem, because I cannot give my applet and code signing certificate and key to anyone else. Because of obvious problems.. Since the Java applet is already signed, why can I not set the singer and signing key in the rewrite profile to None? There should not be a need to resign and already signed applet. Can anyone shed light on why this would not be working, or if this is even possible? If what I'm trying to accomplish is not possible, then why should I even sign the applet in the first place, if anyone that wants to use this applet will need to buy their own code signing applet to use in their own environment. I have not been able to find any good clear information on this in the Manual and any information would be useful.337Views0likes1CommentJava applet access through "Portal Access"?
Hello all, I have a problem when trying to configure the access to a web server inside my network and then launching a Java Applet propperly. The scenario is as you can see below: The Java Applet is used for managing connections to WTS (the WTS inside the internal network is a target example). I have configured a link using the Portal Access (Virtual Server) to the web server where the Java Applet resides, enabling both full patching and Java patching. Also I have configured for the Virtual Server a rewrite profile. After the configuration, I connect to the virtual server using a browser on a laptop, outside the internal network, as a typical user scenario. The issue comes when the Java Applet is downloaded, as there is no "code rewriting" and/or "code signing", in order to keep the applet connected to the Big IP. Unfortunately, this is needed in order to access the WTS inside the internal network (the Applet is actually used for managing WTS sessions). In other devices such as Juniper, this is automatically done by the device itself (there is a code rewriting/signing done on the fly) so that the very same applet works propperly. Does anyone knows if is there a way to configure this feature and how to do it? If this is not the case, where can I find an API or the appropriate documentation for adapting the applet for the big IP by myself? Thanks in advance for your help, any tips or workarounds will be really appreciated.223Views0likes0CommentsJava applet access through "Portal Access"?
Hello all, I have a problem when trying to configure the access to a web server inside my network and then launching a Java Applet propperly. The scenario is as you can see below: The Java Applet is used for managing connections to WTS (the WTS inside the internal network is a target example). I have configured a link using the Portal Access (Virtual Server) to the web server where the Java Applet resides, enabling both full patching and Java patching. Also I have configured for the Virtual Server a rewrite profile. After the configuration, I connect to the virtual server using a browser on a laptop, outside the internal network, as a typical user scenario. The issue comes when the Java Applet is downloaded, as there is no "code rewriting" and/or "code signing", in order to keep the applet connected to the Big IP. Unfortunately, this is needed in order to access the WTS inside the internal network (the Applet is actually used for managing WTS sessions). In other devices such as Juniper, this is automatically done by the device itself (there is a code rewriting/signing done on the fly) so that the very same applet works propperly. Does anyone knows if is there a way to configure this feature and how to do it? If this is not the case, where can I find an API or the appropriate documentation for adapting the applet for the big IP by myself? Thanks in advance for your help, any tips or workarounds will be really appreciated.187Views0likes0Comments