How can I get older Java-based web GUIs to work?

Historically, Java has been an application with many security flaws, which modern browsers and related applications have put many measures in place to protect against. Unfortunately, many embedded ampliances, like Qlogic SANbox switches or pre-summer-2016 Supermicro iKVM, use old, insecure Java applets that fail to load properly in these modern browsers due to the very old and unsigned versions of Java applets that they use.

General Java considerations:

  • Java 7 allows the "medium" security setting, which allows self-signed Applets to run with exceptions made. Internet Explorer blocks Java 7 (see "Internet Explorer" section below.)
  • Java 8 removes the "medium" security setting, but still allows per-URL exceptions to be made, as well as allowing better compatibilty with Internet Explorer.
  • It might be easiest and safest to create a Windows virtual machine containing only the old versions and their proper configurations.

Supermicro iKVM Java Applet (IPMI) considerations:

With external applets like this, only the Java version/settings will matter. External applets will be opened by the Java "Java Web Start". Web browser version does not matter, because the only purpose of the web browser will be to download the "launch.jnlp" file.

Qlogic/Brocade GUI considerations:

These GUIs have an embedded Java program. Web browser version will matter, because modern web browsers do not allow embedded Java applications. See below:

Browser compatibility (listed easiest to hardest):

Netscape Navigator

With its final release occuring in 2008, Netscape Navigator actually serves as a great option for Windows users to use Java versions that are also old and insecure. Download here.


As of Firefox version 52 (September 2016), support has ended for most NPAPI plugins, including Java. Consider an older portable version to not disrupt a current, local install of Firefox (additional source for macOS version).

Internet Explorer

Internet explorer still support ActiveX controls like Java, though it will block it if an old version (such as Java 7, etc) is detected.


NPAPI support dropped in v45. Due to its modern security and lack of a portable version, Chrome is generally the least-friendly browser for use with Java.

Matthew Jensen
2020-03-06 15:52
Return to