With the Java Control Panel, you can check and change the properties of Java sessions. Changes will remain in force until the next thin client restart. The procedure for changing the security settings and importing certificates with the Java Control Panel is described below.

The procedure for rectifying an error when connecting to the UMS via Java Web Start is described in the FAQ Error when connecting to UMS via Java Web Start: "received fatal alert: handshake_failure".

Further information regarding the Java Control Panel can be found at http://java.sun.com/j2se/1.5.0/docs/guide/deployment/deployment-guide/jcp.html.


To change the security settings for Java sessions, proceed as follows:

  1. Launch the Java Manager. The start options are described under Java Manager.
  2. Click on the Security tab.
  3. If you want to use Java applications (applets) in the browser, enable Enable Java content in the browser.
  4. Select a security level for applications that are not on the Exception Site list:
    • Very high: The Java application will only be executed if it has a valid certificate which has not been withdrawn.
    • High: The Java application will only be executed if it has a valid certificate. No check will be made as to whether the certificate was withdrawn.
  5. If you would like to add an exception, click on Edit Site List... > Add and enter the URL of the website for which the security rule is not to apply. When you have added all your exceptions, click on OK.
  6. Click on OK or Apply.
    The changed settings will remain valid until the next thin client restart.

    Alternatively, you can configure the settings in the registry; the changes are then permanent:
    • System > Registry > java > deployment > security_level
    • System > Registry > java > deployment > exception_site%


To import a certificate from a file, proceed as follows:

Certificates should always be imported using the UMS. You should therefore use the Java Control Panel only if you want to import a certificate whose type is not supported by the UMS. The UMS only supports "Signer CA” certificates, i.e. certificates from a certification authority (CA) for protected certificates.
  1. Launch the Java Control Panel. The start options are described under Java Control Panel.
  2. Click on the Security tab.
  3. Click on Manage Certificates....
  4. Select the certificate type.
  5. Select the certificate file on your thin client and click on Open.
  6. Click on Import.