Documentation Contents

Note: This page is out of date. Please see the updated Java Control Panel page in the Java Rich Internet Applications Development and Deployment guide for the latest information.

Java Control Panel

The Java Control Panel is a multipurpose control panel. It allows you to view and set a wide range of parameters controlling how Java technology runs on your computer. It lets you view and delete temporary files used for Java Plug-in, which allows Java technology to be used by your Web browser to run applets; and Java Web Start, which allows you to run Java applications over the network. It allows you to control certificates, making it safe to run applets and applications over the network. It allows you to set runtime parameters for applets that run with Java Plug-in and applications that run with Java Web Start. It provides a mechanism for updating your version of the Java platform so that you always have the latest. And it allows you to set options for debugging, desktop integration, applet handling, etc. The Java Control Panel includes the following separately viewable panels:



The General panel looks like this:

General panel

It includes three subpanels: About, Network Settings, and Temporary Internet Files.


The About... button displays version information for the latest JRE installed on the computer.

Network Settings

These settings are for network connections. Press the Network Settings... button to get the Network Settings dialog. There are four choices:

Use browser settings

Check this to use the browser default proxy settings. This is the default setting (checked).

Use proxy server

You have two choices here:

Advanced Network Settings panel

Use automatic proxy configuration script

You can specify the location (URL) for the JavaScript file (.js or .pac extension) that contains the FindProxyForURL function. FindProxyForURL has the logic to determine the proxy server to use for a connection request.

Direct Connection

Select this for situations where you do not want to use a proxy.

Temporary Internet Files

You can do the following:


The Update panel looks like this:

Update panel


This panel is only available on Windows for 1.4.2_01 and higher releases and only for users with Administrative privileges.

The Update panel, in conjunction with the Java Update Scheduler (jusched.exe), is used to provide the latest Java updates to the end user.

Update Panel Options

There are two basic options on the Update tab:

Automatic update is performed on a scheduled basis and it is selected by checking the Check for Updates Automatically check box.

Manual update is performed by pressing the Update Now button.

If you select automatic update, you can then set the notification via the Notify Me: drop-down menu, and you can set the update schedule via the Advanced... button.

With notification, you can chose to be notified before an update is downloaded and before it is installed; or you can chose to be notified only before an update is installed (i.e., the download is automatic).

The Advanced... allows you to select the desired frequency for updates: daily, weekly (default), or monthly. For daily updates, you can select the time of the day for the update; for weekly updates, you can select the day of the week and the time of the day; for monthly updates, you can select the day of the month and the time of the day.

You can do manual updates at any time by pressing the Update Now button. This allows you to do immediate, unscheduled updates.

Java Update Scheduler

The Java Update Scheduler (jusched.exe) is used for launching automatic updates when Update Automatically is selected in the Update tab. jusched.exe runs as a background process that launches the Update Manager at predefined intervals set by the user through the Advanced... button of the Update tab. The Update Manager coordinates the update process.

jusched.exe is launched when the user reboots the computer after installing the SDK/JRE. It is normally transparent to the user but can be viewed in the Processes tab of the Windows Task Manager. Should a user for some reason not want the scheduler to run, it can be killed via End Process button of the Processes tab.


The Java panel looks like this:

Java panel

Click the View... button to access the Java Runtime Environment Settings dialog.

Java Runtime Environment Settings

These settings will be used when a Java application is launched. The Java Runtime Environment Settings dialog looks like the following on Windows:

Java Runtime Environment Settings dialog

Each row in the Java Runtime Versions panel represents a Java Runtime Environment that is installed in your computer. You may modify the value in each cell by double-clicking it:

Click the Find button to launch the JRE Finder. This utility searches for unregistered private Java Runtime Environments installed in your computer and adds them to the Java Runtime Versions panel.

Click the Add button to manually add a Java Runtime Environment to the Java Runtime Versions panel. When you click the Add button, a new row appears in the Java Runtime Versions panel; however, there are no values for Platform, Product, Path, Runtime Parameters, and Enabled; you must specify them yourself.

Click the Remove button to remove the selected Java Runtime Environment from the Java Runtime Versions panel.


There will always be at least one entry. It will be the most recently installed JRE; i.e., the JRE associated with the Java Control Panel.

Windows will show all JREs installed on a computer. The Java Control Panel finds the JREs by looking in the registry. On Unix, the situation is different. There is no registry so there is no easy way to find the JREs that a user may have installed. The JRE that Java Web Start or Java Plug-in is using to deploy applications is the JRE that is considered registered. Consequently, use the Find, Add, and Remove buttons to change which JREs are listed in the Java Runtime Environments panel.

For Unix, only version 5.0 or higher should be added. For Windows, where all JREs are found in the registry, version 1.3.1 or higher will be displayed.


Assume you are running on Microsoft Windows with Microsoft Internet Explorer, have first installed version 1.4.2, then version 5.0, and you want to run 1.4.2.

  1. Go to the j2re1.4.2\bin directory where JRE 1.4.2 was installed. On a Windows default installation, this would be here: C:\Program Files\Java\j2re1.4.2\bin
  2. Double-click the jpicpl32.exe file located there. It will launch the control panel for 1.4.2.
  3. Select the Browser tab. Microsoft Internet Explorer might still appear to be set (checked). However, when 5.0 was installed, the registration of the 1.4.2 JRE with Internet Explorer was overwritten by the 5.0 JRE.
  4. If Microsoft Internet Explorer is shown as checked, uncheck it and click Apply. You will see a confirmation dialog stating that browser settings have changed.
  5. Check Microsoft Internet Explorer and click Apply. You should see a confirmation dialog.
  6. Restart the browser. It should now use the 1.4.2 JRE for conventional APPLET tags.

You can add a JRE by pressing Add and specifying its location (see notes above).

For Window and Unix you can optionally set Java Runtime Settings for the JRE.

Java Runtime Parameters

You can override the Java Plug-in default startup parameters by specifying custom options in the Java Runtime Parameters field. With the exception of setting classpath and cp (see Setting classpath and cp below), the syntax is the same as used with parameters to the java command line invocation. See the java launcher for a full list of command line options:

java launcher: Windows, Solaris and Linux.

Below are some examples of Java runtime parameters.

Setting classpath and cp

The following format should be used for setting classpath and cp in Java Plug-in. It differs slightly from the java command line format, which uses a space instead of the equal (=) sign.


Enabling and disabling assertion support

To enable assertion support, the following system property must be specified in the Java Runtime Parameters:

-[ enableassertions | ea ][:<package name>"..." | : <class name> ]

To disable assertion in the Java Plug-in, specify the following in the Java Runtime Parameters:

-[ disableassertions | da ][:<package name>"..." | : <class name> ]

See Assertion Facility for more details on enabling/disabling assertions.

Assertion is disabled in Java Plug-in code by default. Since the effect of assertion is determined during Java Plug-in startup, changing assertion settings in the Java Plug-in Control Panel will require a browser restart in order for the new settings to take effect.

Because Java code in Java Plug-in also has built-in assertion, it is possible to enable the assertion in Java Plug-in code through the following:

-[ enableassertions | ea ]:sun.plugin

Tracing and logging support

Tracing is a facility to redirect any output in the Java Console to a trace file (.plugin<version>.trace).


If you do not want to use the default trace file name:


Similar to tracing, logging is a facility to redirect any output in the Java Console to a log file (.plugin<version>.log) using the Java Logging API. Logging can be turned on by enabling the property javaplugin.logging.


If you do not want to use the default log file name, enter:


Furthermore, if you do not want to overwrite the trace and log files each session, you can set the property:


If the property is set to false, then trace and log files will be uniquely named for each session. If the default trace and log file names are used, then the files would be named as follows

.plugin<username><date hash code>.trace
.plugin<username><date hash code>.log

Tracing and logging set through the Control Panel will take effect when the Plug-in is launched, but changes made through the Control Panel while a Plug-in is running will have no effect until a restart.

For more information about tracing and logging, see the chapter called Tracing and Logging.

Debugging applets in Java Plug-in

The following options are used when debugging applets in the Java Plug-in. For more information on this topic see the Debugging Support in the Java Plug-in Developer Guide.


The <connect-address> can be any string (example: 2502) which is used by the Java Debugger (jdb) later to connect to the JVM

Default connection timeout

When a connection is made by an applet to a server and the server doesn't respond properly, the applet may appear to hang and may also cause the browser to hang, since by default there is no network connection timeout.

To avoid this problem, Java Plug-in 1.4 has added a default network timeout value (2 minutes) for all HTTP connections. You can override this setting in the Java Runtime Parameters:<value in

Another networking property that you can set is<value in milliseconds>


Java Plug-in does not set by default. If you want to set it, do so through the Java Runtime Parameters as shown above.

Networking properties description:

These properties specify, respectively, the default connect and read timeout values for the protocol handlers used by The default value set by the protocol handlers is -1, which means there is no timeout set. specifies the timeout (in milliseconds) to establish the connection to the host. For example, for http connections it is the timeout when establishing the connection to the http server. For ftp connections it is the timeout when establishing the connection to ftp servers. specifies the timeout (in milliseconds) when reading from an input stream when a connection is established to a resource.

For the official description of these properties, see Networking Properties.



  1. Some information in this section depends on an understanding of System- and User-Level Properties Files. Please read that section.
  2. System-Level keystore files do not exist by default; they are created and managed by a System Administrator using keytool. (See Security Tools.)

The Security panel looks like this:

Security panel

Press the Certificates... button to get the Certificates dialog, which looks like this:

Certificates dialog

Certificate Types

It handles both User- and System-Level (enterprise-wide) certificates of the following types:

Trusted Certificates

These are certificates for signed applets and applications that are trusted.

Secure site

These are certificates for secure sites.

Signer CA

These are certificates of Certificate Authorities (CAs) for Trusted Certificates; Certificate Authorities are the ones who issue the certificates to the signers of Trusted Certificates.

Secure site CA

These are certificates of Certificate Authorities (CAs) for secure sites; Certificate Authorities are the ones who issue the certificates for secure sites.

Client Authentication

These are certificates for a client to authenticate itself to a server.

User-Level Certificates


For Trusted, Secure site, and Client Authentication certificates, there are four options: Import, Export, Remove, and Details. The user can import, export, remove, and view the details of a certificate.

For Signer CA and Secure site CA, there is only one option: Details. The user can only view the details of a certificate.

Default Keystore Location

The default locations of the of the keystore files for Unix and Windows are as follows:

Operating System Location
Unix ${user.home}/.java/deployment/security.


For instance, on Windows 2000/XP, the default location of the keystore files for user jsmith would be as follows:

C:\Documents and Settings\jsmith\ApplicationData\Sun\Java\Deployment\security

Non-Default Keystore Location

For non-default locations of the certificate keystore files, specify them in the User-Level file with the following property names:

Certificate Type Property Name
Trusted Certificates
Secure site
Signer CA
Secure site CA trusted.jssecacerts
Client Authentication

System-Level Certificates


For System-Level certificates, the only options a user has are Export and Details.

Default Keystore Location

Trusted, Secure Site, and Client Authentication certificate keystore files do not exist by default. Thus there are no default locations for them.

The default location for the Signer CA keystore is:

Operating System Location
Unix $JAVA_HOME/lib/security/cacerts


The default location for the Secure Site CA keystore is:

Operating System Location
Unix $JAVA_HOME/lib/security/jssecacerts


Non-Default Keystore Location

The location of the keystore files for the various types of certificates can also be set in a System-Level file, if it exists. (The System-Level file does not exist by default. It is specified in a deployment.config file. See System-Level file.) The following properties may be specified:

Certificate Type Property Name
Trusted Certificates
Secure site
Signer CA
Secure site CA trusted.jssecacerts
Client Authentication


The Advanced panel looks like this:

Advanced panel

It includes options for Debugging, Java console, Default Java for Browsers, Java Plug-in, JavaFX runtime, Shortcut creation, JNLP File/MIME Association, Application Installation, JRE Auto-Download, Insecure JRE versions, Security, and Miscellaneous.


You can enable tracing and logging. For more information on tracing and logging and how to set runtime parameters for tracing and logging, see Tracing and Logging.

Java Console

There are three options:

See Java Console for information about it.

Default Java for Browsers

There are two options; both are selected by default:

This option enables settings in your browser that enable you to use the JRE installed in your computer.

For example, if you enable this option for Microsoft Internet Explorer, then the option Use JRE <version number> for <applet> (requires restart) is available, where <version number> is the version of the JRE installed in your computer. (Find this option by going to Tools, then Internet Options, then click the tab Advanced.)

In addition, if you enable this option for Mozilla Family, and your browser is Firefox, then the extension Java Console <version number> appears in the Add-ons list, where <version number> is the version of the JRE installed in your computer. (Access the Add-ons list from the Tools menu in the menu bar.)

Java Plug-in

There is only one option, which is selected by default: Enable the next-generation Java Plug-in (requires browser restart).

If this option is selected, then the implementation of the Java Plug-In introduced in Java SE 6 update 10 is used. If this option is not selected, the Java Plug-In implementation prior to the one introduced in Java SE 6u10 is used.

JavaFX runtime (Windows only)

There is only one option, which is selected by default: Enable JavaFX runtime. Use this option to enable or disable the JavaFX runtime.

Shortcut Creation

This provides options for Java Web Start for creating shortcuts on the desktop. The options are:

JNLP File/MIME Association

This allows you to associate files with the JNLP MIME type. The options are (radio button, select only one):

Application Installation

There are four options:

A Java application or applet that is launched with Java Web Start can either be installed or cached on the client computer. If the Java application is cached, then Java Web Start stores the entire application in its cache; the application is removed from the client computer when Java Web Start empties its cache. If the Java application is installed, then the application will have an entry in the Add or Remove Programs applet in Windows Control Panel.

A Java application or applet can specify if it prefers to be cached or installed; if the Java application specifies that it prefers to be installed, then it is hinted. By default, Java applications that are hinted are installed on the client computer. You can also specify that a Java application is installed if it creates a shortcut on the client computer's desktop.

JRE Auto-Download

There are three options:

If a JNLP file requests a JRE that is not installed, then this option specifies what action is performed.

Insecure JRE Versions

If users have a version of Java on their system that is below the security baseline, a warning message is displayed before an application or an applet can be run using that version. You can control this warning message by choosing one of the following three options:

This option sets the property deployment.insecure.jres in the file. See Deployment Configuration File and Properties for more information about this file.


The General options are check boxes. You can select any number of available options. All options are checked by default except for those specified. The Mixed code options are radio buttons. You can select only one option. The following are the various Java security options:

Miscellaneous (Window only)

There are two options; both are checked by default:

Command to launch default browser (Unix only, not shown above)

Allows you to specify the location of the default browser to be launched.

Oracle and/or its affiliates Copyright © 1993, 2014, Oracle and/or its affiliates. All rights reserved.
Contact Us