Background.......
Our technical company with country wide deployment of IP devices (using IP addresses) that were built and supplied with java as the contact interfaces. So we MUST use java to connect to these devices. To date 1.6.30 has been doing the job for me with minimal intervention/security messages, but now we have new devices that need 1.7 upwards that brings in the new security features. Too many devices to add to the "exceptions.list" file in my opinion (in here specific devices do not allow wildcards). They are all on our 10.0.0.0/8 corporate network.
My attempts to overcome this so far........
Reading all over the net I find this is the job of the DSR "Deployment Ruleset.xml" file. All that's ok. However so far I cannot find ANY documentation on the wildcard usage in the Ruleset.xml file that will allow us to do our jobs. Java has fast become a millstone around our necks and is drowning me and other technical officers.
This is not a domain name access issue, we just need to be able to access IP ranges to these devices with a mixture of old and new java required.
I am not a programmer and a simple technical office who has PC skills (and old). I attempted to set up the ruleset.xml and the convoluted way to certify the deployment.jar file and make changes to it in future is driving me to drink!
So please help me!
I need good information on the "ruleset.xml" wildcard use, specifically for IP address and IP ranges. ie can I allow the IP range of 10.0.0.0/8??? How???? Anything I have tried has failed so far. id= "10.0.0.0/8" and id= "10.0.*.*" don't appear to work for me.
Also the ability to use specific equipment on specific versions of Java would seem possible? There does seem to be some information about this use.
I am struggling with getting a grip on this "self signing certificate", how it will allow Java access to the equipment.
Also any good information on generating the certificate, key and jar file, (open source=free is the only option) so the file can be used on many different laptops/desktops to enable us to do our job as its getting more than frustrating. I am tearing my hair our and stong drink is my best recourse!
If the wildcard (for instance) id= "http://10.0.*.*." is possible then a single generation of the ruleset and jar file would seem to work for us. All Oracle/Sun wildcard documentation is geared to domain names, ie *.somebody.com and no one is saying anything about IP ranges!
No IT dept. Third party handles networking and pC support. However there seems to be NILL understanding of making the existing network work with Java to these devices in an acceptable manor.
thanks
Minsik.