签名的Java Applet无法正常工作
[英]Signed Java Applet not Working
问题描述
I'm working on a Java Applet that used to be self-signed. 
我正在研究曾经是自签名的Java Applet。 Now that java 7u51 is being used, I am working to get the jar for the Applet signed. 现在正在使用java 7u51,我正在努力为Applet签名。
I used the certificate/key used for the apache2 ssl to sign the jar. 我使用了用于apache2 ssl的证书/密钥来对jar进行签名。 In order to do this I had to create a new keystore using the key/certificate, and the Not Yet Commons SSL library. 为此,我必须使用密钥/证书和Not Commons SSL库创建一个新的密钥库。
If I run jarsigner -verify on the applet jar, i get: 如果我在applet jar上运行jarsigner -verify,则会得到:
This jar contains entries whose signer certificate's ExtendedKeyUsage extension
doesn't allow code signing.
The applet is still getting an invalid certificate error. 小程序仍收到无效的证书错误。 I can view the certificate, and it is the same certificate used for SSL. 我可以查看该证书,它与用于SSL的证书相同。 The error message says that it was blocked due to being self-signed, but this is not a self-signed certificate! 该错误消息表明它由于被自签名而被阻止,但这不是自签名证书!
I can run the applet when I move the security settings down to "medium", but this is unacceptable for this project. 当我将安全设置下移到“中”时,我可以运行该applet,但这对于该项目是不可接受的。
The certificate I used to sign this is part of a chain (about 4 long). 我用来签署此证书的证书是一条链的一部分(约4个长)。 Is there a way I need sign the jar using the whole chain? 有什么方法需要使用整个链条对罐子进行签名吗? Do I need to use a Code Signing certificate? 我需要使用代码签名证书吗?
1 个解决方案
解决方案1
0 已采纳 2014-07-22 15:28:58
I'm no longer working on this project, so am closing this question. 我不再从事这个项目,所以关闭这个问题。 The solution we went with was to add security exceptions for the URL that the applet was hosted from using a group policy. 我们采用的解决方案是使用组策略为托管applet的URL添加安全例外。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.