{"id":5761,"date":"2013-11-27T12:43:57","date_gmt":"2013-11-27T11:43:57","guid":{"rendered":"https:\/\/ingmarverheij.com\/?p=5761"},"modified":"2014-07-22T17:54:12","modified_gmt":"2014-07-22T15:54:12","slug":"citrix-netscaler-hangs-downloading-applet","status":"publish","type":"post","link":"https:\/\/ingmarverheij.com\/en\/citrix-netscaler-hangs-downloading-applet\/","title":{"rendered":"Citrix: NetScaler hangs at Downloading Applet&#8230;"},"content":{"rendered":"<p><i><strong>TIP<\/strong>: NetScaler 10.5 uses HTML5 instead or JRE for most configuration features! Hooraaayyy! &#8211;\u00a0<a href=\"https:\/\/support.citrix.com\/proddocs\/topic\/ns-rn-main-release-10-5-map\/ns-rn-changes-gui-10-5-con.html\" target=\"_blank\">link<\/a><\/i><\/p>\n<p>With the <a href=\"https:\/\/www.oracle.com\/technetwork\/java\/javase\/7u45-relnotes-2016950.html\" target=\"_blank\">release<\/a> of Java Runtime Environment (JRE) 7 update 45\u00a0 new security measurements are introduced. Oracle describes the impact of the updated security baseline in <a href=\"https:\/\/blogs.oracle.com\/java-platform-group\/entry\/updated_security_baseline_7u45_impacts\" target=\"_blank\">this blog<\/a>. While security is an important topic (especially when web applications are involved) breaking applications due to raised security could result in the opposite.<\/p>\n<p><em>In case you&#8217;re running <strong>JRE 7u51<\/strong>, please read <a href=\"https:\/\/ingmarverheij.com\/en\/citrix-netscaler-cannot-load-applet-7u51\/\" target=\"_blank\">this article<\/a> with an update.<\/em><\/p>\n<p><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Downloading-applet.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; margin: 0px 0px 0px 5px; padding-top: 0px; padding-right: 0px; padding-left: 0px; float: right; display: inline; background-image: none;\" title=\"Downloading applet...\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Downloading-applet..._thumb.png\" alt=\"Downloading applet...\" width=\"244\" height=\"66\" align=\"right\" border=\"0\" \/><\/a>Citrix NetScalers are managed with a web interface which uses HTML5 and Java applets. With new security measurements these applets hang at \u201cDownloading Applet\u2026\u201d<\/p>\n<p>At the moment of writing there are two features that need to be disabled to enable the Java Applets of the Citrix NetScaler (as described by Barry Schiffer in <a href=\"https:\/\/www.barryschiffer.com\/citrix-netscaler-10-x-java-applet-hangs-starting\/\" target=\"_blank\">this article<\/a>):<\/p>\n<ul>\n<li>Disable Temporary Internet Files<\/li>\n<li>Lower Security<\/li>\n<\/ul>\n<p>While this solves the problem (of not being able to administer a Citrix NetScaler) is potentially creates a new: the security level is lowered for the entire JRE. While Oracle was trying to increase the security for Java Applets with this update the opposite is achieved <img decoding=\"async\" class=\"wlEmoticon wlEmoticon-sadsmile\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/wlEmoticon-sadsmile.png\" alt=\"Sad smile\" \/>.\u00a0 Fortunately there is a way to lower the security for specific addresses <img decoding=\"async\" class=\"wlEmoticon wlEmoticon-smile\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/wlEmoticon-smile.png\" alt=\"Smile\" \/><\/p>\n<p><!--more--><\/p>\n<h1>Disable Temporary Internet Files<\/h1>\n<p>As described earlier it is required to disable temporary internet files in Java. This can be done by opening the Java Control Panel, click on <strong>Settings<\/strong> and unchecking <strong>Keep temporary files on my computer<\/strong><\/p>\n<p>Disabling temporary internet files does not lower the security of the machine but will slow down the performance of Java (as its no longer caching files).<\/p>\n<p><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Java-Control-Panel.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; display: inline; background-image: none;\" title=\"Java Control Panel\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Java-Control-Panel_thumb.png\" alt=\"Java Control Panel\" width=\"153\" height=\"179\" border=\"0\" \/><\/a><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Temporary-Internet-Files.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; display: inline; background-image: none;\" title=\"Temporary Internet Files\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Temporary-Internet-Files_thumb.png\" alt=\"Temporary Internet Files\" width=\"225\" height=\"179\" border=\"0\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<h1>Lower Security<\/h1>\n<p>Barry described in <a href=\"https:\/\/www.barryschiffer.com\/citrix-netscaler-10-x-java-applet-hangs-starting\/\" target=\"_blank\">his article<\/a> that the following security features needs to be set:<\/p>\n<ul>\n<li><strong>Mixed code (sandboxed vs trusted) security verification <\/strong>=\u00a0 Disable verification (default is Enable \u2013 show warning if needed )<\/li>\n<li><strong>Perform certificate revocation checks on<\/strong> = Do not check (default is All certificates in the chain of trust)<\/li>\n<\/ul>\n<p>In general, the certificates used to sign the JAR files of the Citrix NetScaler are no longer verified and the revocation is not checked, While this fixes the problem I\u2019m having trouble to accept that I need to lower the security of the entire machine as it might compromise my computer due to the lowered security.<\/p>\n<p>&nbsp;<\/p>\n<h4>Deployment Rule Set<\/h4>\n<p>In <strong>Java 7 update 40<\/strong> a new feature was introduced called \u201cDeployment Rule Set\u201d, designed to address the issue of security and compatibility in browser applets without affecting normal back-end Java programs (<a href=\"https:\/\/blogs.oracle.com\/java-platform-group\/entry\/introducing_deployment_rule_sets\" target=\"_blank\">introduction article<\/a>) aha!.<\/p>\n<p>So apparently administrators can create a policy where they apply actions based on certain rules. Nice! Right? Well kind of, there are some pitfalls:<\/p>\n<ul>\n<li>Administrative access is required (the file is stored in <strong>C:\\Windows\\Sun\\Java\\Deployment<\/strong>);<\/li>\n<li>The configuration is stored in a JAR file, you need the <a href=\"https:\/\/www.oracle.com\/technetwork\/java\/javase\/downloads\/jdk7-downloads-1880260.html\" target=\"_blank\">Java SE Development Kit (JDK)<\/a> for that;<\/li>\n<li>The JAR file needs to be signed with a certifcate that\u2019s <strong>trusted<\/strong> by the client;<\/li>\n<li>Potentially (if you configure the file wrong) you deny all other Java Applets.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>If you want to use the deployment rule set there are a number of steps that need to be followed.<\/p>\n<p>&nbsp;<\/p>\n<h5>1. Create self signed certificate<\/h5>\n<p>If you don\u2019t have a certificate (with private key) that\u2019s trusted by your client you can create a self signed certificate. This certificate is, by default, trusted by no one. It is meant for (local) testing purposes.<\/p>\n<p>There are three activities involved, two of them use the <strong>keytool <\/strong>executable that\u2019s part of the <a href=\"https:\/\/www.oracle.com\/technetwork\/java\/javase\/downloads\/jdk7-downloads-1880260.html\" target=\"_blank\">Java SE Development Kit (JDK)<\/a>.<\/p>\n<p><span style=\"text-decoration: underline;\">a) Generate a keystore<\/span><\/p>\n<pre>keytool.exe -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048<\/pre>\n<p><span style=\"text-decoration: underline;\"><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/keytool.exe-genkey.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; display: inline; background-image: none;\" title=\"keytool.exe -genkey\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/keytool.exe-genkey_thumb.png\" alt=\"keytool.exe -genkey\" width=\"272\" height=\"179\" border=\"0\" \/><\/a><\/span><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"text-decoration: underline;\">b) Extract the certificate from the keystore<\/span><\/p>\n<pre>keytool.exe \u2013exportcert \u2013keystore keystore.jks \u2013alias selfsigned \u2013file SelfSigned.cer<\/pre>\n<p><span style=\"text-decoration: underline;\"><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/keytool.exe-exportcert.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; display: inline; background-image: none;\" title=\"keytool.exe -exportcert\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/keytool.exe-exportcert_thumb.png\" alt=\"keytool.exe -exportcert\" width=\"272\" height=\"179\" border=\"0\" \/><\/a><\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"text-decoration: underline;\">c) Add to Java client<\/span><\/p>\n<p>Open Java Control Panel, open tab <strong>Security <\/strong>and click on <strong>Manage Certificates<\/strong>. Select the Certificate Type <strong>Signer CA<\/strong> and import the certificate you exported in the previous activity (SelfSigned.cer).<\/p>\n<p><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Java-Control-Panel-Security-2.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; display: inline; background-image: none;\" title=\"Java Control Panel - Security 2\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Java-Control-Panel-Security-2_thumb.png\" alt=\"Java Control Panel - Security 2\" width=\"153\" height=\"179\" border=\"0\" \/><\/a><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Certificates-Signer-CA.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; display: inline; background-image: none;\" title=\"Certificates - Signer CA\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Certificates-Signer-CA_thumb.png\" alt=\"Certificates - Signer CA\" width=\"235\" height=\"179\" border=\"0\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<h5>2. Create a rule set<\/h5>\n<p>A <a href=\"https:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/jweb\/deployment_rules.html\" target=\"_blank\">rule set<\/a> needs to be created where you configure which hosts (or applets) are allowed to run the Rich Internet Applications (RIA). The file <strong>ruleset.xml<\/strong> is a plain text XML file which consists of a number of rules. Each rule consists of:<\/p>\n<ul>\n<li>an <strong>identifier<\/strong>: to who does this rule apply;<\/li>\n<li>a <strong>certificate<\/strong>: to which applet does this rule apply;<\/li>\n<li>an <strong>action<\/strong>: what should be done if the rule applies;<\/li>\n<li>a <strong>message <\/strong>: An optional message that\u2019s displayed when the RIA is blocked<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong>Identification <\/strong>can be done based on a location (an URL), title or a certificate. These rules also have some <strong>pitfalls<\/strong>:<\/p>\n<ul>\n<li>Wildcards (asterisk) cannot be used for hostnames (that includes IP addresses). In other words, you need to specify the address of each Citrix NetScaler you need to administrator <strong>individually<\/strong>.<\/li>\n<li>Currently, only security hash algorithm SHA-256 is supported. The certificate of <strong>Citrix Systems Inc <\/strong>uses the signature algorithm <strong>SHA1withRSA<\/strong>, so this feature can\u2019t be used. Fortunately the validity of the certificate ends soon (May 24 2014);<\/li>\n<li>All examples end with a \u201cblock\u201d action. If you apply this rule set all RIA\u2019s are blocked <img decoding=\"async\" class=\"wlEmoticon wlEmoticon-winkingsmile\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/wlEmoticon-winkingsmile.png\" alt=\"Winking smile\" \/><\/li>\n<\/ul>\n<p><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Certificate-Citrix-Systems-Inc-Signature-Algorithm.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; display: inline; background-image: none;\" title=\"Certificate - Citrix Systems Inc - Signature Algorithm\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Certificate-Citrix-Systems-Inc-Signature-Algorithm_thumb.png\" alt=\"Certificate - Citrix Systems Inc - Signature Algorithm\" width=\"254\" height=\"179\" border=\"0\" \/><\/a><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Certificate-Citrix-Systems-Inc-Validity.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; display: inline; background-image: none;\" title=\"Certificate - Citrix Systems Inc - Validity\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Certificate-Citrix-Systems-Inc-Validity_thumb.png\" alt=\"Certificate - Citrix Systems Inc - Validity\" width=\"254\" height=\"179\" border=\"0\" \/><\/a><\/p>\n<p>The <strong>action<\/strong> that\u2019s applied to the rule consists of a permission and a version. The permission is either run, block or default (where the default processing rule is applied). With the version identifier the version of the JRE that\u2019s used to run the RIA. Since the 1.6 JRE did not include the certificate checks like <strong>certifcate revocation <\/strong>the applets of the Citrix NetScaler work when this version is used.<\/p>\n<p>Here\u2019s an example of the <strong>ruleset.xml <\/strong>I used<\/p>\n<pre lang=\"xml\">&lt;ruleset version=\"1.0+\"&gt;\r\n   &lt;rule&gt;\r\n\t&lt;id location=\"https:\/\/10.0.0.1\" \/&gt;\r\n\t&lt;action permission=\"run\" version=\"SECURE-1.6\" \/&gt;\r\n   &lt;\/rule&gt;\r\n   &lt;rule&gt;\r\n\t&lt;id location=\"https:\/\/10.0.0.2\" \/&gt;\r\n\t&lt;action permission=\"run\" version=\"SECURE-1.6\" \/&gt;\r\n  &lt;\/rule&gt;\r\n  &lt;rule&gt;\r\n\t&lt;id location=\"https:\/\/NS01\" \/&gt;\r\n\t&lt;action permission=\"run\" version=\"SECURE-1.6\" \/&gt;\r\n   &lt;\/rule&gt;\r\n   &lt;rule&gt;\r\n\t&lt;id location=\"https:\/\/NS02\" \/&gt;\r\n\t&lt;action permission=\"run\" version=\"SECURE-1.6\" \/&gt;\r\n   &lt;\/rule&gt;\r\n   &lt;rule&gt;\r\n\t&lt;id \/&gt;\r\n\t&lt;action permission=\"default\"\/&gt;\r\n  &lt;\/rule&gt;\r\n&lt;\/ruleset&gt;<\/pre>\n<p>In this example I allow Java\u00a0 to run the RIA using JRE version 1.6 on the hosts NS01 and NS02 using their hostsname and IP address. All other RIA\u2019s that I run use the <strong>default<\/strong> processing rule (so it doesn\u2019t change the default behavior).<\/p>\n<p>&nbsp;<\/p>\n<h5>3. Create JAR file<\/h5>\n<p>I would recommend storing the <strong>ruleset.xml<\/strong>\u00a0 file in the same folder as where <strong>jar.exe<\/strong>\u00a0 resides (in my example <em>C:\\Program Files\\Java\\jdk1.7.0_45\\bin<\/em>). <em>Why? Because JAR uses the absolute path when you add files to a JAR file.\u00a0 <\/em><\/p>\n<p>A JAR can be created using the <strong>jar <\/strong>executable that\u2019s part of the <a href=\"https:\/\/www.oracle.com\/technetwork\/java\/javase\/downloads\/jdk7-downloads-1880260.html\" target=\"_blank\">Java SE Development Kit (JDK)<\/a>.\u00a0 A JAR file is an archive file (like ZIP) that contains one or more files. In this case a JAR file needs to be created that only contains the file <strong>ruleset.xml<\/strong><\/p>\n<pre>jar -cvf DeploymentRuleSetUS.jar ruleset.xml<\/pre>\n<p>I created the JAR file DeploymentRulesetUS.jar because its <em>unsigned.<\/em><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<h5>4. Sign JAR file<\/h5>\n<p>The JAR file that\u2019s created previously needs to be signed with a certificate. Keep in mind that the certificate needs to be <strong>trusted <\/strong>by JRE! A JAR file can be signed using the <strong>jarsigner <\/strong>executable that;s part of the <a href=\"https:\/\/www.oracle.com\/technetwork\/java\/javase\/downloads\/jdk7-downloads-1880260.html\" target=\"_blank\">Java SE Development Kit (JDK)<\/a>.<\/p>\n<p>A JAR file with the name <strong>DeploymentRuleSet.jar<\/strong> is created using the unsigned <strong>DeploymentRuleSetUS.jar.<\/strong> In my example I\u2019m using a self signed certificate.<\/p>\n<pre>jarsigner -keystore keystore.jks -storepass password -signedjar DeploymentRuleSet.jar DeploymentRuleSetUS.jar selfsigned<\/pre>\n<p>&nbsp;<\/p>\n<h5>5. Copy the JAR file<\/h5>\n<p>The signed JAR file containing the rule set needs to be placed in the folder <strong>C:\\Windows\\Sun\\Java\\Deployment<\/strong>. Access to this folder requires administrative access to the system.<\/p>\n<p><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/C-Windows-Sun-Java-Deployment.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; margin-right: auto; margin-left: auto; float: none; display: block; background-image: none;\" title=\"C-Windows-Sun-Java-Deployment\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/C-Windows-Sun-Java-Deployment_thumb.png\" alt=\"C:\\Windows\\Sun\\Java\\Deployment\\DeploymentRules.jar\" width=\"354\" height=\"192\" border=\"0\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<h5>6. Verify<\/h5>\n<p>In the Java Control Panel you can verify if the rule set is detected and loaded correctly. This can be done by opening the Java Control Panel, open the tab <strong>Security <\/strong>and\u00a0 clicking on <strong>View the active Deployment Rule Set.<\/strong><\/p>\n<p><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Java-Control-Panel-Security.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; display: inline; background-image: none;\" title=\"Java Control Panel - Security\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Java-Control-Panel-Security_thumb.png\" alt=\"Java Control Panel - Security\" width=\"153\" height=\"179\" border=\"0\" \/><\/a><a href=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Deployment-Rule-Set-More-Information.png\"><img loading=\"lazy\" decoding=\"async\" style=\"border-width: 0px; padding-top: 0px; padding-right: 0px; padding-left: 0px; display: inline; background-image: none;\" title=\"Deployment Rule Set - More Information\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/Deployment-Rule-Set-More-Information_thumb.png\" alt=\"Deployment Rule Set - More Information\" width=\"218\" height=\"179\" border=\"0\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>And you\u2019re done <img decoding=\"async\" class=\"wlEmoticon wlEmoticon-smile\" src=\"https:\/\/ingmarverheij.com\/wp-content\/uploads\/2013\/11\/wlEmoticon-smile.png\" alt=\"Smile\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Sources<\/strong><\/p>\n<ul>\n<li><a href=\"https:\/\/www.oracle.com\/technetwork\/java\/javase\/7u45-relnotes-2016950.html\">https:\/\/www.oracle.com\/technetwork\/java\/javase\/7u45-relnotes-2016950.html<\/a><\/li>\n<li><a href=\"https:\/\/blogs.oracle.com\/java-platform-group\/entry\/updated_security_baseline_7u45_impacts\">https:\/\/blogs.oracle.com\/java-platform-group\/entry\/updated_security_baseline_7u45_impacts<\/a><\/li>\n<li><a href=\"https:\/\/www.barryschiffer.com\/citrix-netscaler-10-x-java-applet-hangs-starting\/\">https:\/\/www.barryschiffer.com\/citrix-netscaler-10-x-java-applet-hangs-starting\/<\/a><\/li>\n<li><a href=\"https:\/\/ephingadmin.com\/wp\/administering-java\/\">https:\/\/ephingadmin.com\/wp\/administering-java\/<\/a><\/li>\n<li><a title=\"https:\/\/blogs.oracle.com\/java-platform-group\/entry\/introducing_deployment_rule_sets\" href=\"https:\/\/blogs.oracle.com\/java-platform-group\/entry\/introducing_deployment_rule_sets\">https:\/\/blogs.oracle.com\/java-platform-group\/entry\/introducing_deployment_rule_sets<\/a><\/li>\n<li><a title=\"https:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/jweb\/deployment_rules.html\" href=\"https:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/jweb\/deployment_rules.html\">https:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/jweb\/deployment_rules.html<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>.<\/p>","protected":false},"excerpt":{"rendered":"<p>TIP: NetScaler 10.5 uses HTML5 instead or JRE for most configuration features! Hooraaayyy! &#8211;\u00a0link With the release of Java Runtime Environment (JRE) 7 update 45\u00a0 new security measurements are introduced. Oracle describes the impact of the updated security baseline in this blog. While security is an important topic (especially when web applications are involved) breaking [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[502],"tags":[610,503,611,60],"class_list":["post-5761","post","type-post","status-publish","format-standard","hentry","category-netscaler","tag-jre","tag-netscaler-2","tag-ria","tag-security"],"_links":{"self":[{"href":"https:\/\/ingmarverheij.com\/en\/wp-json\/wp\/v2\/posts\/5761","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ingmarverheij.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ingmarverheij.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ingmarverheij.com\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/ingmarverheij.com\/en\/wp-json\/wp\/v2\/comments?post=5761"}],"version-history":[{"count":9,"href":"https:\/\/ingmarverheij.com\/en\/wp-json\/wp\/v2\/posts\/5761\/revisions"}],"predecessor-version":[{"id":6895,"href":"https:\/\/ingmarverheij.com\/en\/wp-json\/wp\/v2\/posts\/5761\/revisions\/6895"}],"wp:attachment":[{"href":"https:\/\/ingmarverheij.com\/en\/wp-json\/wp\/v2\/media?parent=5761"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ingmarverheij.com\/en\/wp-json\/wp\/v2\/categories?post=5761"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ingmarverheij.com\/en\/wp-json\/wp\/v2\/tags?post=5761"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}