So, scenario is as following: you want to run remote console or other java app from customer's server without installing Firefox and Java. You cannot disable high security settings in IE.
So you'll probably go with portable version of FF/Java. Cool, but latest java portable is really pain in the bottom, when dealing with outdated or self signed certs.
For me, "Application blocked by security" errors were caused by expired certs.
Normally you'd go to Control Panel opened Java settings and in security tab add there website as an exception. But there's no java applet, because we are using portable version.
We must modify/create exception.sites file to be able to use our Java app:
1. Go to <your user profile>\AppData\LocalLow\Sun\Java\Deployment\security (For some strange reason, despite Java portability, this folder is created in user profile)
2. Modify/create exception.sites file and add there your website starting from "http://" or "https://"
So, for example if your user is Tom it would be:
c:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\security\exception.sites
And file content looks like this:
http://192.168.10.200
https://192.168.30.20
etc...
Now app should start without problems.
Update:
This method will also work in normal, installed java, if for some reason you don't have java applet in control panel.
If still doesn't work, try commenting (put # in front) line
jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
in c:\Program Files (x86)\java\<your version>\lib\security\java.version file.
This line in more by the end of file.
