Recent Java Update (v8 u25) blocking access to all internal sites (that use Java)

Recently we upgraded to the latest Java version on our XenApp 6.5 published desktop environment.  (Java 8 Update 25).

Now all of our internal websites that use Java are being blocked as there is no more "Medium" security level in Version 8. The only way around is to add the site to the Java Security Exclusions list. This is annoying as we have a lot of internal sites that use Java.

The other issue I have is that even if users add the exclusion, the Exclusions list is not saved when the user logs out of the XenApp Session. The XenApp profiles all seem to work fine except for retaining the Java setting.
The hosts are all Sever 2008 R2 9as is the profile server). XenApp is running Rollup pack 4 and using Citrix Profile Management. My Docs, Desktop etc are all redirected to the profile store. Only the users profile settings are roaming.

Out of the 2 issues, I would prefer to look at the Java side 1st, however I'm guessing that is not going to be an option.
HowzattAsked:
Who is Participating?
 
gheistConnect With a Mentor Commented:
Oracle announced their plan to rule out unsigned java applications like year ago.
Easiest way around is to sign applets using enterprise CA (which you have to establish now)
Other way is to push exception file to users via GPO
0
 
HowzattAuthor Commented:
Which would be an easier option do you think?
0
 
gheistConnect With a Mentor Commented:
Probably making exclusion file i easier to understand.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.