Skip to Content
Author's profile photo M. RAHAMAN

Application Blocked by Java Security – SAP PI ESR

I will try to document the solution to one of the errors which occured in my environment  when logging in to the Process Integration (PI) Enterprise Services Repository (ESR) or Integration Builder tools for Java Web Start software version 7 and 8.

Supported Java Web Start Versions:

SAP has recently released Note 2073368 – Compatibility matrix: recommended Java version for Integration Builder tools of SAP Process Integration. The Java Versions supported with the PI releases and SP’s below:

Java 8 update 31 for 64 bit is compatible with:

SAP PI 7.01 >= SP17
SAP PI 7.10 >= SP19
SAP PI 7.11 >= SP13
SAP PI 7.3 >= SP13
SAP PI 7.31 >= SP16
SAP PI 7.4 >= SP11

Java 7 update 65 both 32 bit and 64 bit is compatible with:

SAP PI 7.01 >= SP15
SAP PI 7.02 >= SP15
SAP PI 7.10 >= SP18
SAP PI 7.11 >= SP13
SAP PI 7.3 >= SP12
SAP PI 7.31 >= SP13
SAP PI 7.4 >= SP08

For older release and much more please refer to below wiki

Here in my environment we have recently upgraded our JAVA version to 1.8


After upgrading whenever we were trying to open ESR we were getting below error


Java 7u10 introduced the ability to manage when and how untrusted Java applications (i.e. an application that is digitally signed by an unknown publisher, or a certificate that has not been issued by a trusted Certificate Authority) will run if they are included on a web page. Setting the security level within the Java Control Panel will determine whether 

  1. You are prompted before an untrusted java application is run (MEDIUM or HIGH) or
  2. Untrusted Java applications will be blocked so they cannot run (VERY HIGH).


Starting with Java 7 Update 51, applets that do not conform with the latest security practices can still be authorized to run by including the sites that host them to the Exception Site List.


Starting with Java 8 Update 20, the Medium security level has been removed from the Java Control Panel. Only High and Very High levels are available.

The exception site list provides users with the option of allowing the same applets that would have been allowed by selecting the Medium option but on a site-by-site basis therefore minimizing the risk of using more permissive settings.

How to configure exception list

The Exception Site List feature was introduced in the release of Java 7 Update 51. By adding application URL to the Exception list allows users to run Rich Internet Applications (RIAs) that would normally be blocked by security checks.

The exception site list is managed in the Security tab of the Java Control Panel. To add, edit or remove a URL from the list, click Edit Site List as shwon below:

Open the Java Control Panel using command <Path to Java binaries>\javaws -viewer from command prompt or from Start–>Run.If you have it added in your PATH variable then no need to provide the Full Path.

It will open a Window like this:-

Java Control Panel – Java 8


• Click on the Edit Site List button.


  • Click the Add in the Exception Site List window.
  • Click in the empty field under Location field to enter the URL. In mycase I added http://<PI Hostname>/:5<Instanceno>00.If you notice that your ESR is using FQDN then you have to provide FQDN here.Remember Wildcards are not supported here.
  • Click OK to save the URL that you entered. If you click Cancel, the URLs are not saved.
  • Click Continue on the Security Warning dialog.

You can Remove, Edit any URL using above method.

Now try to open ESR and it should open now.



2) SAP Note# 2073368 – Compatibility matrix: recommended Java version for Integration Builder tools of SAP Process Integration


Assigned Tags

      1 Comment
      You must be Logged on to comment or reply to a post.
      Author's profile photo David Nguyen
      David Nguyen

      Thank you for the blog!