TIP: NetScaler 10.5 uses HTML5 instead or JRE for most configuration features! Hooraaayyy! – link
On January 14 Oracle released Java Runtime Environment (JRE) 7 update 51. Just like previous updates the raised the security level which could potentially break existing applications. We saw the same when they released 7u45, back then I found a more constructive (but complex) solution to solve a problem where the GUI hanged at “Downloading Applet..”
Citrix updated their NetScaler software to meet the requirements of Oracle on December 3rd (download, release notes) – I hope that back then you reverted to a more secure JRE. Unfortunately JRE 7u51 gave me again problems, this time the Java Applet could not be loaded.
In the Java Console the following error is shown:
network: Connecting https://s-nsint-cl01-nsip:80/ with proxy=DIRECT network: Connecting https://s-nsint-cl01-nsip/nitro/v1/config/auditnslogpolicy?rawdata=yes&view=detail&pageno=1&pagesize=4500 with cookie "drep=sys0; st_splitter=350px; is_cisco_platform=0; DEFAULT_LAUNCH_SCREEN_PATH=" liveconnect: Security Exception: LiveConnect (JavaScript) blocked due to security settings.
Fortunately Oracle did something brilliant (…like we didn’t have this in any browser since 1995…): you can now add sites to an exception site list! Where the deployment rule set (as explained in my previous article) is intended for system administrators (heck, it’s freaking complex) the exception site list is for end users.
Add an exception
GUI
Adding an exception is as easy as 1-2-3:
- Open the Java Control Panel
- In tab Security click on Edit Site List
- Click on Add and type in the file:// or http(s):// URL
Alternatively you can lower the Security Level to Medium but I wouldn’t recommend that!
deployment.config
The exception site list is stored in a plaintext file making it easy to distribute to your users, The file is located in %userprofile%\Appdata\LocalLow\Sun\Java\Deployment\security\exception.sites.
https://s-nsint-cl01-nsip https://s-nsint-cl02-nsip https://s-nsdmz-cl01-nsip https://s-nsdmz-cl02-nsip
Each exception is written in the file on a separate line, so a file containing multiple exceptions could contain the following content.
.
Eén reactie