Live Reporting Blocked by Java Security: Certificate expired or not-yet-valid

Document ID : KB000046886
Last Modified Date : 14/02/2018
Show Technical Document Details

Symptom 

Live Reporting is blocked by Java Security.

The following Java Security message is seen:  

java security message.png

 

Environment  

CA eHealth 6.3.2.01 to 6.3.2.07

 

Cause 

CA eHealth versions 6.3.2.01 to 6.3.2.07 are affected by a Java JRE certificate expiration that requires a patch download or a workaround to resolve the Java security warning. Newer eHealth releases do not require this patch or workaround. 

 

Resolution and Workaround

Below are the three options to solve this issue.

 

Option 1 – WORKAROUND

 ·         Java JRE 1.6 on client:

With Java 1.6 and earlier, you can click through a pop-up message on your machine as usual. 

 

·         Java JRE 1.7 on client:

If challenged, the workaround is to change your Java JRE security settings to “Medium” from "High" or "Very High".  If you cannot use the Medium security setting workaround due to the security policies of your organization, you can try adding your eHealth server info to the Java Exception Site List.

 

·         Java JRE 1.8 on client:

Since you cannot change your Java JRE 1.8 security settings to “Medium", you can try adding your eHealth server info to the Java Exception Site List.  (For more info, seehttps://www.java.com/en/download/help/jcp_security.xml.)

 

Option 2 - PERMANENT FIX 1

If you cannot use the above workarounds for any reason, you will need to apply a fix to the eHealth server. The fix is available in the Download Center, under Published Solutions.

 

PATCH FOR JAVA CERT EXPIRATION CA EHEALTH 6.3.2.01 and 6.3.2.02

 ·         Solaris -        #RO78980

·         Windows -     #RO78983

·         Linux  -         #RO78982

   

PATCH FOR JAVA CERT EXPIRATION CA EHEALTH 6.3.2.03 and 6.3.2.04

 ·         Solaris -        #RO78988

·         Windows -     #RO78989

·         Linux  -         #RO78987

  

 PATCH FOR JAVA CERT EXPIRATION CA EHEALTH 6.3.2.05 and 6.3.2.06

 ·         Solaris -        #RO78991

·         Windows -     #RO78992

·         Linux   -        #RO78990

 

 PATCH FOR JAVA CERT EXPIRATION CA EHEALTH 6.3.2.07

 ·         Solaris -       #RO78994

·         Windows -    #RO78995

·         Linux -         #RO78993   

 

Option 3 – PERMANENT FIX 2

The other option would be to upgrade to a newer eHealth release. We recommend always upgrading to the newest release of eHealth due to enhanced security.

 

Additional Information

For Java 7-  TEC1333445, "Failed to validate certificate" error on launching Live Health:

 

http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec1333445.aspx