Java Secure Application Manager Download Mac

The final stop - and I think this is key, is that I forced Safari to start in 32 bit mode. You can do this by going to Applications, highlighting Safari and hitting CMD-I. Then check the 32 bit option. Start Safari, go to the appropriate URL and login. The Java Secure Application Manager should then start as it used to do in Leopard. Download Universal Password Manager for free. Store all your passwords in one secure encrypted database. Universal Password Manager allows you to store all your passwords in one highly secure encrypted database. Its strengths are simplicity, portability and security (uses 128bit AES encryption).

Apr 16, 2019 Agree and Start Free Download. By downloading Java you acknowledge that you have read and accepted the terms of the Oracle Technology Network License Agreement for Oracle Java SE. When your Java installation completes, you may need to restart your browser (close all browser windows and re-open) to enable the Java installation. Windows version (WSAM)—The Windows version of the Secure Application Manager is a Windows-based solution that enables you to secure traffic to individual client/server applications and application servers. Java version (JSAM)—The Java version of the Secure Application Manager provides support for static TCP port client/server applications. Use Software Update available on the Apple menu to check that you have the most up-to-date version of Java 6 for your Mac. Java 7 and later versions are not supported by these older versions of Mac OS X. If you have problems with Java 6, contact Apple Technical Support. Java.com does not provide a download for these systems.

These documentation pages are no longer current. They remain available for archival purposes. Please visit https://docs.oracle.com/javase for the most up-to-date documentation.

The Java Control Panel is a multipurpose control panel. It allows you to view and set a wide range of parameters controlling how, or if, Java technology runs on your computer. It lets you view and delete temporary files used by the Java Plug-in, which allows Java technology to be used by your Web browser to run applets; and Java Web Start, which allows you to run Java applications over the network. It allows you to control certificates, making it safe to run applets and applications over the network. It enables you to view an active deployment rule set, and to manage the exception site list. It allows you to set runtime parameters for applets that run with Java Plug-in and applications that run with Java Web Start. It provides a mechanism for updating your version of the Java platform so that you always have the latest Java Runtime Environment (JRE). And it allows you to set options for debugging, applet handling, etc. The Java Control Panel includes the following separately viewable panels:

Contents

General

The General panel looks like this:

It includes three subpanels: About, Network Settings, and Temporary Internet Files. As of the JDK 7u10 release, this panel also informs you whether Java is enabled in the browser. This setting is contolled in the Security panel.

About

The About... button displays version information for the latest JRE installed on the computer.

Network Settings

These settings are for network connections. Press the Network Settings... button to get the Network Settings dialog. There are four choices:

Use browser settings

Check this to use the browser default proxy settings. This is the default setting (checked).

Use proxy server

Java Secure Application Manager Download Mac Os

You have two choices here:

• You can set the Address and the Port for a proxy server with the option to bypass it for local addresses.
• You can press the Advanced ... button to get the Advanced Network Settings dialog. In this panel you can individually set the proxy server for HTTP, Secure, FTP, and Socks connections. You can also provide a list of addresses for which you do not want to use a proxy server. The Advanced Network Settings panel looks like this:

Use automatic proxy configuration script

You can specify the location (URL) for the JavaScript file (.js or .pac extension) that contains the FindProxyForURL function. FindProxyForURL has the logic to determine the proxy server to use for a connection request.

Direct Connection

Select this for situations where you do not want to use a proxy.

Temporary Internet Files

You can do the following:

• Press the Settings... button to get the Temporary Files Settings dialog from which you can perform the following:
  • Specify if you want to keep temporary files on your computer.
  • Specify the location where temporary files are kept.
  • Specify the compression level for JAR files.
  • Specify the amount of disk space for storing temporary files.
  • Delete temporary files by pressing the Delete Files... button, which displays the Delete Temporary Files dialog. From this dialog, you can specify which files you want to delete:
    • Trace and Log Files
    • Cached Applications and Applets
    • Installed Applications and Applets
  • Restore default settings for the Temporary Files Settings dialog by pressing the Restore Defaults button.
• Press the View... button to get the Java Cache Viewer dialog. This dialog enables you to list applications, resources, and deleted applications stored in the Java cache. In addition, you may perform the following:
  • Run and visit the Web page of applications.
  • View the JNLP file of applications and resources.

Update

On Microsoft Windows platforms, the Update panel looks like this:

The Update panel, in conjunction with the Java Update Scheduler (jusched.exe), is used to provide the latest Java updates to the end user.

Note: This panel is only available on Microsoft Windows and Mac OS X and only for users with Administrative privileges. On Microsoft Windows, if both the 32-bit and 64-bit versions of Java are installed, this panel is not available. In this event, you have to launch the Java Control Panel directly from the 32-bit directory command line (C:Program Files (x86)Javajre7binjavacpl.exe).

Update Panel Options

There are two basic options on the Update tab:

• Automatic update: Available only on Microsoft Windows XP and higher, and set by default
• Manual update

Automatic update is performed on a scheduled basis and it is selected by checking the Check for Updates Automatically check box.

Manual update is performed by pressing the Update Now button.

If you select automatic update, you can then set the notification via the Notify Me: drop-down menu, and you can set the update schedule via the Advanced... button.

With notification, you can chose to be notified before an update is downloaded and before it is installed; or you can chose to be notified only before an update is installed (i.e., the download is automatic).

The Advanced... allows you to select the desired frequency for updates: daily, weekly, or monthly (default). For daily updates, you can select the time of the day for the update. For weekly updates, you can select the day of the week and the time of the day. For monthly updates, you can select the day of the week and the time of the day. Monthly updates check weekly and notify you within 30 days that an update is available, however, if an update is considered critical you are notified within a week of its release.

You can do manual updates at any time by pressing the Update Now button. This allows you to do immediate, unscheduled updates.

Java Update Scheduler

On Microsoft Windows platforms, the Java Update Scheduler (jusched.exe) is used for launching automatic updates when Update Automatically is selected in the Update tab. jusched.exe runs as a background process that launches the Update Manager at predefined intervals set by the user through the Advanced... button of the Update tab. The Update Manager coordinates the update process.

jusched.exe is launched when the user reboots the computer after installing the SDK/JRE. It is normally transparent to the user but can be viewed in the Processes tab of the Windows Task Manager. Should a user for some reason not want the scheduler to run, it can be killed via End Process button of the Processes tab.

Java

The Java panel looks like this:

Click the View... button to access the Java Runtime Environment Settings dialog.

Java Runtime Environment Settings

These settings will be used when a Java application is launched. The Java Runtime Environment Settings dialog looks like the following on Microsoft Windows:

Each row in the Java Runtime Versions panel represents a Java Runtime Environment that is installed in your computer. You may modify the value in each cell by double-clicking it:

• Platform: The version of the Java Runtime Environment
• Product: The full version number of the Java Runtime Environment (which includes the update number)
• Location: The URL that Java Update Scheduler uses to launch automatic updates
• Path: The full path name of the Java Runtime Environment
• Runtime Parameters: Optional custom options used to override the Java Plug-in default startup parameters
• Enabled: This option is for selecting which of the (older) JRE versions to consider when running an app using Java Plug-in or Java Web Start. If this check box is not selected, then Java Plug-in and Java Web Start will not use this JRE to launch Java apps. However, the current JRE might be used regardless of this checkbox. This checkbox does not affect stand alone applications, it is only for Java in the browser. Note that if all Java apps are disabled from running in the browser, by de-selecting Enable the Java content in the browser in the Security panel, enabling the JRE here has no effect.

Click the Find button to launch the JRE Finder. This utility searches for unregistered private Java Runtime Environments installed in your computer and adds them to the Java Runtime Versions panel.

Click the Add button to manually add a Java Runtime Environment to the Java Runtime Versions panel. When you click the Add button, a new row appears in the Java Runtime Versions panel; however, there are no values for Platform, Product, Path, Runtime Parameters, and Enabled; you must specify them yourself.

Click the Remove button to remove the selected Java Runtime Environment from the Java Runtime Versions panel.

Notes

There will always be at least one entry. It will be the most recently installed JRE; i.e., the JRE associated with the Java Control Panel.

Microsoft Windows will show all JREs installed on a computer. The Java Control Panel finds the JREs by looking in the registry. On Solaris, Linux, or Mac OS X, the situation is different. There is no registry so there is no easy way to find the JREs that a user may have installed. The JRE that Java Web Start or Java Plug-in is using to deploy applications is the JRE that is considered registered. Consequently, use the Find, Add, and Remove buttons to change which JREs are listed in the Java Runtime Environments panel. On Mac OS X, only the currently installed JRE is displayed, JDKs are not included.

For Solaris, Linux, or Mac OS X, only version 5.0 or higher should be added. For Microsoft Windows, where all JREs are found in the registry, version 1.3.1 or higher will be displayed.

Example:

Assume you are running on Microsoft Windows with Microsoft Internet Explorer, have first installed version 1.4.2, then version 5.0, and you want to run 1.4.2.

1. Go to the j2re1.4.2bin directory where JRE 1.4.2 was installed. On a Windows default installation, this would be here: C:Program FilesJavaj2re1.4.2bin
2. Double-click the jpicpl32.exe file located there. It will launch the control panel for 1.4.2.
3. Select the Browser tab. Microsoft Internet Explorer might still appear to be set (checked). However, when 5.0 was installed, the registration of the 1.4.2 JRE with Internet Explorer was overwritten by the 5.0 JRE.
4. If Microsoft Internet Explorer is shown as checked, uncheck it and click Apply. You will see a confirmation dialog stating that browser settings have changed.
5. Check Microsoft Internet Explorer and click Apply. You should see a confirmation dialog.
6. Restart the browser. It should now use the 1.4.2 JRE for conventional APPLET tags.

You can add a JRE by pressing Add and specifying its location (see notes above).

For Windows and Solaris, Linux, or Mac OS X you can optionally set Java Runtime Settings for the JRE.

Java Runtime Parameters

You can override the Java Plug-in default startup parameters by specifying custom options in the Java Runtime Parameters field. With the exception of setting classpath and cp, the syntax is the same as used with parameters to the java command line invocation. See the java launcher for a full list of command line options:

java launcher: Windows, Solaris, Linux, or Mac OS X.

Below are some examples of Java runtime parameters.

Setting classpath and cp

The following format should be used for setting classpath and cp in Java Plug-in. It differs slightly from the java command line format, which uses a space instead of the equal (=) sign.

Enabling and disabling assertion support

To enable assertion support, the following system property must be specified in the Java Runtime Parameters:

To disable assertion in the Java Plug-in, specify the following in the Java Runtime Parameters:

Assertion is disabled in Java Plug-in code by default. Since the effect of assertion is determined during Java Plug-in startup, changing assertion settings in the Java Plug-in Control Panel will require a browser restart in order for the new settings to take effect.

Because Java code in Java Plug-in also has built-in assertion, it is possible to enable the assertion in Java Plug-in code through the following:

Tracing and logging support

Tracing is a facility to redirect any output in the Java Console to a trace file (.plugin<version>.trace).

If you do not want to use the default trace file name:

Similar to tracing, logging is a facility to redirect any output in the Java Console to a log file (.plugin<version>.log) using the Java Logging API. Logging can be turned on by enabling the property javaplugin.logging.

If you do not want to use the default log file name, enter:

Furthermore, if you do not want to overwrite the trace and log files each session, you can set the property:

If the property is set to false, then trace and log files will be uniquely named for each session. If the default trace and log file names are used, then the files would be named as follows

Tracing and logging set through the Control Panel will take effect when the Plug-in is launched, but changes made through the Control Panel while a Plug-in is running will have no effect until a restart.

Debugging applets in Java Plug-in

The following options are used when debugging applets in the Java Plug-in.

The <connect-address> can be any string (example: 2502) which is used by the Java Debugger (jdb) later to connect to the JVM

Default connection timeout

When a connection is made by an applet to a server and the server doesn't respond properly, the applet may appear to hang and may also cause the browser to hang, since by default there is no network connection timeout.

To avoid this problem, Java Plug-in 1.4 has added a default network timeout value (2 minutes) for all HTTP connections. You can override this setting in the Java Runtime Parameters:

Another networking property that you can set is sun.net.client.defaultReadTimeout.

Note

Java Plug-in does not set sun.net.client.defaultReadTimeout by default. If you want to set it, do so through the Java Runtime Parameters as shown above.

Networking properties description:

These properties specify, respectively, the default connect and read timeout values for the protocol handlers used by java.net.URLConnection. The default value set by the protocol handlers is -1, which means there is no timeout set.

sun.net.client.defaultConnectTimeout specifies the timeout (in milliseconds) to establish the connection to the host. For example, for http connections it is the timeout when establishing the connection to the http server. For ftp connections it is the timeout when establishing the connection to ftp servers.

sun.net.client.defaultReadTimeout specifies the timeout (in milliseconds) when reading from an input stream when a connection is established to a resource.

For the official description of these properties, see Networking Properties.

Security

As of the JDK 7u51 release, the Security panel looks like this:

De-selecting the Enable Java content in the browser button, which is selected by default, will prevent any Java application from running in the browser.

Security Level Slider

When the Enable Java content in the browser option is selected, the Security Level slider becomes available. As the security level is increased, more restrictions are placed on allowing an application to run, and stronger warnings are issued to the user.

The default security level setting is High. The available settings are:

• Very High - Applications that are signed with a valid certificate that is located in the Signer CA keystore, and include the Permissions attribute in the manifest for the main JAR file are allowed to run with security prompts. All other applications are blocked.

• High - Applications that are signed with a valid or expired certificate that is located in the Signer CA keystore, and include the Permissions attribute in the manifest for the main JAR file are allowed to run with security prompts. Applications are also allowed to run with security prompts when the revocation status of the certificate cannot be checked. All other applications are blocked.

• Medium - All applications are allowed to run with security prompts.

See Rich Internet Application Deployment Process for information on how the decision to run or block an application is made.

The Security Level setting affects plug-in applets, Java Web Start applications, embedded JavaFX applications, and access to the native deployment toolkit plug-ins. This setting does not affect stand alone Java applications.

For more information, see Setting the Security Level of the Java Client.

Exception Site List

The exception site list contains a list of URLs that host RIAs that users want to run even if the RIAs are normally blocked by security checks. RIAs from the sites listed are allowed to run with applicable security prompts. Click Edit Site List to add, edit, and remove items.

See Exception Site List for more information.

Deployment Rule Set

If an active deployment rule set is installed on the system, the link View the active Deployment Rule Set is shown before the Manage Certificates button. Click the link to view the rule set. When a rule set is available, the rules determine if a RIA is run without security prompts, run with security prompts, or blocked. For more information on deployment rules, see Deployment Rule Set. For more information on security prompts, see Security Dialogs.

Restore Security Prompts

An option to hide a prompt in the future is included in some security prompts that are shown when an application starts. To insure the continued security of your system, it is recommended that you periodically restore the prompts that were hidden. Seeing the prompts again provides an opportunity to review the applications and ensure that you still want them to run.

To restore the prompts that were previously hidden, click Restore Security Prompts. When asked to confirm the selection, click Restore All. The next time an application is started, the security prompt for that application is shown.

Certificates

Click Manage Certificates to get the Certificates dialog, which looks like this:

Certificate Types

It handles both User- and System-Level (enterprise-wide) certificates of the following types:

Trusted Certificates

These are certificates for signed applets and applications that are trusted.

Secure site

These are certificates for secure sites.

Signer CA

These are certificates of Certificate Authorities (CAs) for Trusted Certificates; Certificate Authorities are the ones who issue the certificates to the signers of Trusted Certificates.

Secure site CA

These are certificates of Certificate Authorities (CAs) for secure sites; Certificate Authorities are the ones who issue the certificates for secure sites.

Client Authentication

These are certificates for a client to authenticate itself to a server.

User-Level Certificates

Options

For user-level certificates, there are four options: Import, Export, Remove, and Details. The user can import, export, remove, and view the details of a certificate.

Default Keystore Location

The following table shows the default locations of the of the keystore files.

Operating System	Location
Solaris, Linux, or Mac OS X	${user.home}/.java/deployment/security
Microsoft Windows	${deployment.user.home}security

For instance, on Microsoft Windows 7, the default location of the keystore files for user jsmith would be as follows:

Non-Default Keystore Location

For non-default locations of the certificate keystore files, specify them in the User-Level deployment.properties file with the following property names:

Certificate Type	Property Name
Trusted Certificates	deployment.user.security.trusted.certs
Secure site	deployment.user.security.trusted.jssecerts
Signer CA	deployment.user.security.trusted.cacerts
Secure site CA	deployment.user.security.trusted.jssecacerts
Client Authentication	deployment.user.security.trusted.clientcerts

System-Level Certificates

Options

For System-Level certificates, the only options a user has are Export and Details.

Default Keystore Location

Trusted, Secure Site, and Client Authentication certificate keystore files do not exist by default. Thus there are no default locations for them.

The default location for the Signer CA keystore is:

Operating System	Location
Solaris, Linux, or Mac OS X	$JAVA_HOME/lib/security/cacerts
Microsoft Windows	$JAVA_HOMElibsecuritycacerts

The default location for the Secure Site CA keystore is:

Operating System	Location
Solaris, Linux, or Mac OS X	$JAVA_HOME/lib/security/jssecacerts
Microsoft Windows	$JAVA_HOMElibsecurityjssecacerts

Non-Default Keystore Location

The location of the keystore files for the various types of certificates can also be set in a System-Level deployment.properties file, if it exists. The System-Level deployment.properties file does not exist by default. It is specified in a deployment.config file. See System-Level deployment.properties file. The following properties may be specified:

Certificate Type	Property Name
Trusted Certificates	deployment.system.security.trusted.certs
Secure site	deployment.system.security.trusted.jssecerts
Signer CA	deployment.system.security.trusted.cacerts
Secure site CA	deployment.system.security.trusted.jssecacerts
Client Authentication	deployment.system.security.trusted.clientcerts

Advanced

The Advanced panel looks like this (three screenshots are required to show the entire list of options):

It includes options for Debugging, Java console, Default Java for browsers, Shortcut Creation, JNLP File/MIME Association, Application Installation, Secure Execution Environment, Mixed code security verification, Certificate revocation checks, Advanced Security Settings, and Miscellaneous.

Debugging

You can enable tracing and logging.

Java Console

There are three options:

• Show the console
• Hide the console (default)
• Do not start the console

Default Java for Browsers

There are two options; both are selected by default:

• Microsoft Internet Explorer
• Mozilla Family

This option enables settings in your browser that enable you to use the JRE installed in your computer.

For example, if you enable this option for Microsoft Internet Explorer, then the option Use JRE <version number> for <applet> (requires restart) is available, where <version number> is the version of the JRE installed in your computer. (Find this option by going to Tools, then Internet Options, then click the tab Advanced.)

In addition, if you enable this option for Mozilla Family, and your browser is Firefox, then the extension Java Console <version number> appears in the Add-ons list, where <version number> is the version of the JRE installed in your computer. (Access the Add-ons list from the Tools menu in the menu bar.)

Shortcut Creation

This provides options for Java Web Start for creating shortcuts on the desktop. The options are:

• Always allow
• Always allow if hinted
• Prompt user
• Prompt user if hinted (default)
• Never allow

JNLP File/MIME Association

This allows you to associate files with the JNLP MIME type. The options are (radio button, select only one):

• Always allow
• Prompt user (default)
• Never allow

Application Installation

There are four options:

• Install if hinted (default)
• Install if shortcut created
• Install if hinted and shortcut
• Never install

A Java application or applet that is launched with Java Web Start can either be installed or cached on the client computer. If the Java application is cached, then Java Web Start stores the entire application in its cache; the application is removed from the client computer when Java Web Start empties its cache. If the Java application is installed, then the application will have an entry in the Add or Remove Programs applet in Windows Control Panel.

A Java application or applet can specify if it prefers to be cached or installed; if the Java application specifies that it prefers to be installed, then it is hinted. By default, Java applications that are hinted are installed on the client computer. You can also specify that a Java application is installed if it creates a shortcut on the client computer's desktop.

Secure Execution Environment

These options are check boxes. You can select any number of available options. All options are checked by default except for those specified. The following are the various Java security options:

• Allow user to grant permissions to signed content
• Show sandbox warning banner
• Allow user to accept JNLP security requests
• Don't prompt for client certificate selection when no certificates or only one exists
• Warn if site certificate does not match hostname
• Show site certificate from server even if it is valid (not checked by default)

Mixed code (sandboxed vs. trusted) security verification

The Mixed code options are radio buttons. You can select only one option. For more information, see Mixing Privileged Code and Sandbox Code.

• Enable - show warning if needed (selected by default)
• Enable - hide warning and run with protections
• Enable - hide warning and don't run untrusted code
• Disable verification (not recommended)

Perform certificate revocation checks on

Before a signed applet or Java Web Start application is run, the certificates used to sign the JAR file can be checked to ensure that none have been revoked. You can have all certificates checked, or only the certificate from the publisher of the app. If a certificate has been revoked, any app that is signed with the certificate is not allowed to run. This check can be disabled, but that is not recommended. You can select only one of the following options:

• Publisher's certificate only
• All certificates in the chain of trust (selected by default)
• Do not check (not recommended)

Check for certificate revocation using

The following options indicate what to use to determine if a certificate has been revoked:

• Certificate Revocations Lists (CRLs)
• Online Certificate Status Protocol (OCSP)
• Both CRLs and OCSP (selected by default)

If Do Not Check is selected for Perform certificate revocation checks on, this setting is ignored.

Advanced Security Settings

These options are check boxes. You can select any number of available options. All options are checked by default except for those specified. The following are the various Java security options:

• Use certificates and keys in browser keystore
• Enable blacklist revocation check
• Enable caching password for authentication
• Use SSL 2.0 compatible ClientHello format (not checked by default)
• Use SSL 3.0
• Use TLS 1.0
• Use TLS 1.1 (not checked by default)
• Use TLS 1.2 (not checked by default)

Miscellaneous

The following options are available, none are checked by default:

• Place Java icon in system tray

• Suppress sponsor offers when installing or updating Java

  Select this option if you do not want to be provided with offers from sponsors during the installation or update process.

• Java Quick Starter (Microsoft Windows only)

Command to launch default browser (Solaris, Linux, or Mac OS X only, not shown above)

Allows you to specify the location of the default browser to be launched.

Article ID = 3
Article Title = Java (Security) For macOS / OS X / Mac OS X
Article Author(s) = Graham Needham (BH)
Article Created On = 30th March 2011
Article Last Updated = 8th July 2019
Article URL = https://www.macstrategy.com/article.php?3
Article Brief Description:
Java For macOS / OS X / Mac OS X information, download/update links and security settings with instructions for disabling Java (plug-ins).

Java for macOS / OS X / Mac OS X

Java is a programming language that allows application/software to run on different operating systems (e.g. macOS / OS X / Mac OS X, Windows, Linux, Solaris) as long as a Java Runtime Environment is installed on the target operating system. Java can also be found on web sites where 'applet' code downloaded from the web site server will run locally on your computer via a web browser plug-in. There are different installations of Java depending on your usage requirement e.g. general user, developer, etc. The most common installation is the Standard Edition (SE) which is for general users.
NOTE:

• Because Java runs applications in the OS and in web browsers it is a common attack vector for malware and viruses.
• Java should not be confused with JavaScript which is a completely separate/different scripting language used on web sites/the internet.
• Java is now owned and maintained by Oracle.
• As of the 4th March 2015 (Java 8 Update 40) Oracle is now bundling adware with their Java installer.
• Apple's Safari v12 and later (September 2018 - macOS 10.12 or later) no longer supports the legacy Java plug-in and nor do any other major browsers (Fireefox, Chrome, etc).

In the past (Java SE v6 and earlier) Apple used to get the Java code from Oracle and write a Java Runtime Environment (JRE) for Mac OS X themselves but as of 15th October 2013 this is no longer the case. Java on a Mac consists of two primary software components:

1. An internet plug-in used to run Java 'applets' via the internet in a web browser e.g. some banking web sites.
NOTE: As of September 2018 most major browsers no longer support browser plug-ins so even if you install Java you may not be able to use the plug-in component.
2. A 'Runtime Environment' (RE) that also allows you to run Java 'applications' directly within the operating system.

Java SE versions supported by macOS / OS X / Mac OS X

• macOS 10.15 + macOS 11 - Java SE v8 (but Java web browser plug-in not supported in Safari v12 or later)
• OS X 10.11 to macOS 10.14 - Java SE v8 (but Java web browser plug-in not supported in Safari v12 or later) and/or v6 only for compatibility with older applications
• OS X 10.8 + OS X 10.10 - Java SE v8 and/or v6 only for compatibility with older applications
• OS X 10.7 - Java SE v7 and/or v6 only for compatibility with older applications
• Mac OS X 10.6 - Java SE v6
• Mac OS X 10.5 or earlier - Java SE v5

Windows Secure Application Manager

• Java v12 is the latest Java version but is only available as a JDK developer edition
• Java v11 is currently supported but is only available as a JDK developer edition
• Java v10 has been replaced with Java v12
• Java v9 has been replaced with Java v12 (April 2018 saw the start of the new version numbering scheme - vX.x.x)
• Java v8 became end of life in January 2018 but is currently supported and updated with security updates until at least the end of December 2020
• Java v7 was end of life January 2015 and no more updates were issued as of April 2015
• Java v6 was end of life February 2013 and no more updates were issued as of 15th October 2013
• Java v5 is no longer updated

Q. Which version of Java do you recommend?

A. If you don't need Java don't install it. If Java is installed we now highly recommend installing Java SE v8 from Oracle as Apple phased out Java SE v6 support in October 2012 and Oracle phased out Java SE v7 support in January 2015. So if you are running:

• OS X 10.8 to macOS 11 = (if you require Java) install Java SE v8 from Oracle.
• OS X 10.7 or earlier = don't use Java and uninstall/disable it if it is installed.

Q. How can I tell which version of macOS / OS X / Mac OS X I am running?

A. Go to Apple menu (top left) > About This Mac > check the version reported for macOS / OS X / Mac OS X.

Q. How can I tell if a Java SE is installed on my Macintosh?

A. Follow these steps:

1. Go to Apple menu > System Preferences > Java (if a Java Preference pane exists you have Java SE v7 or later installed - you can get information on the version installed by going to the General tab and clicking 'About…')
2. If you do not have a Java Preference pane go to Macintosh HD > Applications > Utilities > Terminal
3. Enter the following commmand:
sudo /usr/libexec/java_home
4. Enter your computer's administrator password
NOTE: This Terminal command will report any versions of Java SE v6 or earlier that are installed on your computer. If none are listed you do not have Java installed.

Q. How do I keep Java SE v6 up to date on OS X / Mac OS X (if it is installed)?

A. The last update produced by Apple is Java SE v6 v1.6.0_65 back in 2013 so it is now very insecure - it is available for OS X 10.7 to macOS 10.13 only as a means of support for legacy applications like Adobe Creative Suite - you should only install Java for macOS 2017-001 if you specifically need it to run old applications that require it. If you need a secure version of Java and you have:

• OS X 10.8 to macOS 11 = install Java SE v8 from Oracle.
• OS X 10.7 or earlier = don't use Java and uninstall/disable it if it is installed.

Q. How do I keep Java SE v8 or later up to date on macOS / OS X (if it is installed)?

Q. I have Java SE v7. How do I update it to v8/v11?

A. Go to Apple menu > System Preferences > Java > Update tab and tick 'Check for Updates Automatically'.
See also this How do I update Java for my Mac? article from Oracle.
As of the 20th January 2015 Java auto-update will update Java SE v7 to v8.

Q. Now that Oracle have released Java SE v12 is v8 end of life/insecure?

Q. Which versions of Java are no longer supported/insecure?

A. Oracle provides a Java SE Support Roadmap. You can check the dates that Java SE versions become end of life/no longer supported/insecure but basically:

• Java v12 is the latest Java version but is only available as a JDK developer edition
• Java v11 is currently supported but is only available as a JDK developer edition
• Java v10 has been replaced with Java v12
• Java v9 has been replaced with Java v12 (April 2018 saw the start of the new version numbering scheme - vX.x.x)
• Java v8 became end of life in January 2018 but is currently supported and updated with security updates until at least the end of December 2020
• Java v7 was end of life January 2015 and no more updates were issued as of April 2015
• Java v6 was end of life February 2013 and no more updates were issued as of 15th October 2013
• Java v5 is no longer updated

Q. I need Java and I've installed Java SE v7/v8/v9/v10/v11/v12 but my Java software specifically needs SE v6. Is there anything I can do?

A. Yes, you can downgrade v7/v8/v9/v10/v11/v12 to v6 by following the instructions in this Apple support document to disable JavaSE v7 and re-enable Java SE v6 (but note that Java SE v6 is no longer supported for security updates so only do this if you absolutely must for Java compatibility). macOS10.15 or later do not support Java SE v6 at all.

Java Notes

• Java was included as standard with Mac OS X 10.6 or earlier - it cannot easily be removed but it can be disabled.
• A Java SE is not included as standard with OS X 10.7 or later but it may include a Java plug-in (so you are recommended to disable this plug-in if you don't use Java on the internet).
• macOS 10.15 or later do not support Java SE v6 at all.
• Java SE v6 is required for some old software applications such as Adobe Creative Suite.
• If you have OS X 10.7 to OS X 10.10 and you try to run an application that requires Java SE v6, OS X / macOS can automatically install Java for macOS 2017-001 - permission will be asked first and it is not a silent install.
• If you have OS X 10.11 to macOS 10.14 and you try to run an application that requires Java SE v6, OS X / macOS will not automatically install it for you - OS X / macOS will direct you to download and manually install Java for macOS 2017-001.
• If you have macOS 10.15 or later Java SE v6 is not supported and a later Java SE will need to be manually installed if you require it.
• If you upgrade the macOS / OS X / Mac OS X operating system Java SE v6 is removed and needs to be reinstalled.

Java Links

• OpenJDK (Open source version of Java RE)
• OpenJFX (Open source version of Java FX)

Java Security for Mac Users > How To Disable/Secure Java

Java SE v6 and earlier are end of life and are no longer supported/updated. If you are running Mac OS X 10.6 or earlier you are recommended to disable Java and read up on securing older operating systems.

Q. How can I tell which version of macOS / OS X / Mac OS X I am running?

A. Go to Apple menu (top left) > About This Mac > check the version reported for macOS / OS X / Mac OS X.

Securing/Disabling Java SE in OS X 10.7 or later

1. Go to Apple menu > System Preferences > Java > (the Java Control Panel will open separately) > Security tab
• If the Java preference pane does not exist you do not have Java SE v7 or later installed. Go to the disabling Java SE v6 instructions below.
• If you have a Java preference pane and the Java Control Panel opens separately go to the 'Security' tab in the control panel. If there is no Security tab you have an old version of Java SE v7 installed - update Java SE v7 first, then come back to these instructions.
2. Set the 'Security Level' slider to 'Very High'.
3. If you don't use Java untick 'Enable Java content in the Browser'.
4. If you do use Java click 'Advanced Security Settings' and configure as required for your Java usage.
5. Now go to the 'Update' tab and tick 'Check for Updates Automatically'.
6. Now go to the 'General' tab, click 'Settings…' under 'Temporary Internet Files' and untick 'Keep temporary files on my computer' and click 'Delete Files…'. Click 'OK'.
7. You are now also recommended to switch off Java in your web browsers.

Disabling Java SE v6 in OS X 10.7 or later

1. Go to Macintosh HD > Applications > Utilities > Java Preferences > General tab.
NOTE: If you get a message stating 'To open 'Java Preferences,' you need a Java SE 6 runtime. Would you like to install one now?' click 'Not Now' (you do not have Java SE v6 installed - go to disabling the Java plug-in in your web browsers).
2. Make sure no Java versions are ticked under 'On'.
3. Then go to the 'Network' tab and untick 'Keep temporary files for fast access' and click 'Delete Files…'. Click 'OK'.
4. You are now also recommended to switch off Java in your web browsers.

NOTE: If you need Java and have installed Java Update 2012-006 or later from Apple you will have no Java Preferences in Applications > Utilities or a Java plug-in so you are recommended to install Java SE v7 to give you the most up to date Java RE, a Java plug-in and a Java Preferences pane in System Preferences.

Disabling Java SE v5/v6 in Mac OS X 10.5 or 10.6

NOTE: Java will not work at all including locally installed applications that may require it.

1. Go to Macintosh HD > Applications > Utilities > Java Preferences > General tab.
2. Make sure no Java versions are ticked under 'On'.
3. Then go to the 'Network' tab and untick 'Keep temporary files for fast access' and click 'Delete Files…'. Click 'OK'.
4. You are now also recommended to switch off Java in your web browsers.

Disabling Java SE in Mac OS X 10.4 or earlier

You cannot switch off Java in Mac OS X 10.4 or earlier and there is no Java Preferences so make sure you delete any (Java plug-ins and also switch off Java in your web browsers.

Disabling the Java plug-in In Your Web Browsers

NOTE: Java applets will not work in your web browser but locally installed Java applications may still work (see disabling the Java Runtime Environment for your OS).
NOTE: You need to disable the Java plug-in for each and every web browser that you use/have installed.

• Apple Safari 12 or later (for macOS 10.12 or later) - Java is not supported (because NPAPI plug-ins are not supported)
• Apple Safari up to version 11 - open Safari > go to Safari menu > Preferences… > Security tab > click 'Plug-in Settings…' > untick 'Java' in the list on the left
• Apple Safari 5.1.9 (for Mac OS X 10.6) / 6.0.4 (for OS X 10.7/10.8) or later - open Safari > go to Safari menu > Preferences… > Security tab > untick 'Allow Java' or you can tick it to enable it and you now have control of the Java plug-in for individual websites by clicking the 'Manage Website Settings…' button
• Google Chrome - Java is not supported (because NPAPI plug-ins are not supported)
• Chromium - Java is not supported (because NPAPI plug-ins are not supported)
• Mozilla Firefox - Java is not supported (because NPAPI plug-ins are not supported)
• iCab - open iCab > go to iCab menu > Preferences… > Java icon > untick 'Execute Java applets'
• Omniweb - open Omniweb > go to Omniweb menu > Preferences… > Security icon > untick 'Enable Java'
• Opera - Java 7 or later is not supported - plug-ins cannot be disabled
• Seamonkey - open Seamonkey > go to Seamonkey menu > Preferences… > select 'Scripts & Plugins' on the left under the 'Advanced' heading > untick 'Enable Plugins for Suite'
• Maxthon - TO BE CONFIRMED
• Yandex - Java is not supported (because NPAPI plug-ins are not supported)
• Brave - Java is not supported (because NPAPI plug-ins are not supported)
• Vivaldi - Java is not supported (because NPAPI plug-ins are not supported)
• tenFOUR Fox - Java is not supported (because plug-ins are not supported)

REMOVING THE JAVA PLUG-IN FROM YOUR OS

NOTE: Java applets will not work in your web browser and they never will until you reinstall Java. Only follow these instructions if you will never use Java on the internet. If you are unsure simply switch off Java in all your web browsers.

1. Go to Macintosh HD > Library > Internet Plug-Ins folder and remove/delete any of following items if they are present:
• JavaAppletPlugin.plugin (alias/shortcut)
• JavaAppletPlugin.plugin
• JavaPluginCocoa.bundle
2. Go to Macintosh HD > Users >your home directory > Library > Internet Plug-Ins folder too and remove/delete any of the above items if they are present.

Java Secure Application Manager Download Mac Version

NOTE: If there are multiple users on your computer you should remove the plug-in from each user account's Library.
NOTE: If you have OS X 10.7 or later your user Library folder is hidden. It can be accessed by going to the Go menu > Library while holding down the alt (option) key.

macOS / OS X / Mac OS X Applications that (may) require a Java Runtime Environment

• Components of Adobe Creative Suite and individual applications e.g. Adobe Flash
• Components of OpenOffice i.e. the Base application and the suite's wizards, accessibility and assistive technologies - see Open Office and Java
• Angry IP Scanner
• Brother printer administration software 'BRAdmin Light.jar'
• ClickRepair
• CrashPlan app versions 3.6.2 and earlier (3.6.3 or later includes Java within the application)
• Cyberduck
• DbVisualizer
• Emailchemy (for Mac OS X 10.6 and earlier)
• Eudora OSE
• FileMaker Pro Server (not the client version) - Server Administration Console, Admin Server and Web Publishing Engine components only - details here
• Graphic Converter 9 (optional Java library requirement only for importing certain specific medical format images)
• Greenfoot
• Jim
• Moneydance
• myPhoneDesktop
• NetBeans
• Symantec Norton Antivirus 11 - requires Java for LiveUpdate to work
• Symantec Endpoint Protection 12
• PDF OCR X 1.x (2.x or later includes Java within the application)
• PDFKey Pro
• RazorSQL
• SQLEditor
• TiVo Transfer
• ViewONE Standard / Pro
• Vuze aka Azereus
• Zumocast

Java Bundled Adware

As of the 4th March 2015 (Java 8 Update 40) Oracle is now bundling adware with their Java installer! Initially it was ask.com but currently it is Yahoo.

• Adware is a search App/toolbar (browser extension) that gets added to your web browser by installing Java.
• It is an optional installation but it is opt-out i.e. by default it will be installed - you have to explicitly tell the installer not to install it (see picture below).
• Only new/clean installations of Java will give the option - however, full macOS / OS X / Mac OS X system upgrades/clean installs may require Java to be reinstalled so this is a problem to also look out for when migrating computers or reinstalling/upgrading your OS.
• If you already have a version of Java 8 earlier than Update 40 installed, the adware is not installed and the option to install it does not appear.

If you are installing Java 8 new/cleanly then you will get the below option screen during the installation process - to not install the Yahoo adware UNTICK 'Set Yahoo as your homepage and new tab page on all browsers, plus get Yahoo as your default search engine on Firefox.':The older Ask.com adware screen looked like this - to not install the Ask.com adware UNTICK 'Set Ask.com as my browser homepage':

How To Disable/Remove The Adware Installation Option

Once Java is installed, you can turn off the option appearing in future installations/updates by going to Apple menu > System Preferences > Java (this will open the Java Control Panel separately) > Advanced tab > scroll to the bottom and TICK 'Suppress sponsor offers when installing or updating Java' > click 'Apply' (see the picture below).

How To Disable/Remove The Ask.com Adware On A Mac

Apple Safari Browser

1. Quit all running applications except Safari.
2. In Safari go to the Safari menu > Preferences > Extensions and turn the Ask extension off.

Mozilla Firefox Browser

1. Quit all running applications except Firefox.
2. In Firefox go to the Tools menu > Add-ons > click Extensions on the left > locate the Ask extension on the right and click the 'Disable' or 'Remove' button next to it.

Google Chrome Browser

1. Quit all running applications except Chrome.
2. In Chrome go to the Chrome menu > Preferences > Settings > Manage Search Engines and remove Ask.
3. Go to the Preferences > Extensions tab and remove the Ask extension (click the Trash icon next to Ask).

Article Keywords: Mac OS X OSX 105 106 107 108 109 1010 1011 macOS 1012 1013 1014 1015 Leopard Snow Leopard Lion Mountain Lion Mavericks Yosemite El Capitan Sierra High Sierra Mojave Catalina standard edition Oracle JRE Java RE run time runtime environment FX JavaFX standard edition SE malware malicious trojan driveby drive-by virus security secure securing disable disabling remove removing plugin plugin applet block blocking

This article is © MacStrategy » a trading name of Burning Helix. As an Amazon Associate, employees of MacStrategy's holding company (Burning Helix sro) may earn from qualifying purchases. Apple, the Apple logo, and Mac are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc.