Java https update sites

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Java https update sites

Till Bretschneider-2
Since updating Fiji, and also with a current fresh install under Mac OS, the updater gives a warning:
"Your Java might be too old to handle updates via HTTPS"
Unfortunately our own QuimP site is affected: https://pilip.lnx.warwick.ac.uk/quimp-update-site/
it still works by manually overriding it with http, but I was wondering what the underlying problem was.
Is there a different JRE supplied?

Best wishes,

Till

--
ImageJ mailing list: http://imagej.nih.gov/ij/list.html
Reply | Threaded
Open this post in threaded view
|

Re: Java https update sites

Curtis Rueden-2
Hi Till,

The easiest way to update Java is to download a new Fiji for your platform.
It ships with a new-enough Java for HTTPS.

If you wish to retain your existing Fiji installation, you can steal the
new Fiji's Java bundle:

- Navigate to your existing Fiji's platform-specific java folder (e.g. on
macOS, it's "Fiji.app/java/macosx").
- Remove any folders beneath it.
- Navigate to the platform-specific java folder of your newly unpacked Fiji.
- Move the folder (e.g. on macOS, it's "adoptopenjdk-8.jdk") into the old
Fiji's platform-specific java folder.

The existing Fiji should now use that new version of Java when launched.

HTH,
Curtis

--
Curtis Rueden
LOCI software architect - https://loci.wisc.edu/software
ImageJ2 lead, Fiji maintainer - https://imagej.net/User:Rueden
Have you tried the Image.sc Forum? https://forum.image.sc/



On Mon, Sep 9, 2019 at 7:53 AM Till Bretschneider <
[hidden email]> wrote:

> Since updating Fiji, and also with a current fresh install under Mac OS,
> the updater gives a warning:
> "Your Java might be too old to handle updates via HTTPS"
> Unfortunately our own QuimP site is affected:
> https://pilip.lnx.warwick.ac.uk/quimp-update-site/
> it still works by manually overriding it with http, but I was wondering
> what the underlying problem was.
> Is there a different JRE supplied?
>
> Best wishes,
>
> Till
>
> --
> ImageJ mailing list: http://imagej.nih.gov/ij/list.html
>

--
ImageJ mailing list: http://imagej.nih.gov/ij/list.html
Reply | Threaded
Open this post in threaded view
|

Re: Java https update sites

Deborah Schmidt
In reply to this post by Till Bretschneider-2
Hi Till,

sorry you are having issues with the HTTPS switch. I am trying to get a better grip of the problem with your own update site to see if we can fix anything.

With a fresh install containing the JRE there should be no such warning. Is this happening in your case? What Java version is displayed in the status bar when you click on it?

The changes made to the updater should not affect sites hosted on other servers. We only check if the Let's Encrypt certificate of imagej.net is supported by the local Java installation and if it is not, we throw this warning. Meaning you should still be able to host an update site on a different server and serve it to older Fijis if the certificate is also supported by older Java versions.

I ran tests on your update site https://pilip.lnx.warwick.ac.uk/quimp-update-site/ with Java 1.8.0_05 and get the same SSLHandshakeException as with https://imagej.net, that's why you cannot add the HTTPS address to an older Fiji installation.

So did this HTTPS URL ever work with an older Fiji / JRE?

Best,
Deborah

--
Deborah Schmidt, Jug-Lab
Center for Systems Biology Dresden
MPI of Molecular Cell Biology and Genetics
Pfotenhauerstr. 108, 01307 Dresden, Germany

----- Original Message -----
From: "Till Bretschneider" <[hidden email]>
To: [hidden email]
Sent: Monday, September 9, 2019 2:46:26 PM
Subject: Java https update sites

Since updating Fiji, and also with a current fresh install under Mac OS, the updater gives a warning:
"Your Java might be too old to handle updates via HTTPS"
Unfortunately our own QuimP site is affected: https://pilip.lnx.warwick.ac.uk/quimp-update-site/
it still works by manually overriding it with http, but I was wondering what the underlying problem was.
Is there a different JRE supplied?

Best wishes,

Till

--
ImageJ mailing list: http://imagej.nih.gov/ij/list.html

--
ImageJ mailing list: http://imagej.nih.gov/ij/list.html
Reply | Threaded
Open this post in threaded view
|

Re: Java https update sites

Till Bretschneider-2
In reply to this post by Till Bretschneider-2
Dear Deborah, dear Curtis,

Many thanks for your help and speedy response.

The original Java version where the problem occurred was Java 1.8.0_66.
I then had removed the java directory inside the Fiji installation in the hope that the system Java version (1.8.0_221) would be picked up. However, despite JAVA_HOME being set correctly and 'java -version' showing the correct (1.8.0_221) version, Fiji would use a deprecated version (Java 1.8.0.60) which I was not aware even existed on my computer!

Anyhow, after removing that, either the latest system Java or adoptopenjdk-8.jdk (Java 1.8.0_202) which comes with the latest Fiji work well.

Best wishes,

Till

--
ImageJ mailing list: http://imagej.nih.gov/ij/list.html