已签名的java applet被安全设置屏蔽

Question

我有一个非常基本的Java Applet，使用我自己的证书签名。当我在我的网站上试用时，我收到消息说应用程序被安全设置阻止。

这就是我所做的。 我签署使用jarsigner工具的jar文件：

jarsigner -keystore keystore.p12 -storetype pkcs12 -tsa http://timestamp.comodoca.com/rfc3161 TestApplet1.jar codesign 

当我确认这一切看起来好像没什么问题的jar：

$ jarsigner -verify -verbose -certs TestApplet1.jar 

s k  415 Thu Oct 09 12:19:18 CEST 2014 META-INF/MANIFEST.MF 

     [entry was signed on 9-10-14 12:19] 
     X.509, EMAILADDRESS=test@test.nl, CN=codesigning 2014, OU=Test, O="Test BV ", L=Stad, ST=ZH, C=NL (codesign) 
     [certificate is valid from 11-8-14 11:19 to 11-8-15 11:29] 
     X.509, CN=CA-TEST (ca-test) 
     [certificate is valid from 23-2-11 9:37 to 23-2-16 9:46] 

     496 Thu Oct 09 12:19:18 CEST 2014 META-INF/CODESIGN.SF 
     4666 Thu Oct 09 12:19:18 CEST 2014 META-INF/CODESIGN.RSA 
smk  226 Tue Oct 07 16:31:54 CEST 2014 .classpath 

     [entry was signed on 9-10-14 12:19] 
     X.509, EMAILADDRESS=test@test.nl, CN=codesigning 2014, OU=Test, O="Test BV ", L=Stad, ST=ZH, C=NL (codesign) 
     [certificate is valid from 11-8-14 11:19 to 11-8-15 11:29] 
     X.509, CN=CA-TEST (ca-test) 
     [certificate is valid from 23-2-11 9:37 to 23-2-16 9:46] 

smk  370 Tue Oct 07 16:31:54 CEST 2014 .project 

     [entry was signed on 9-10-14 12:19] 
     X.509, EMAILADDRESS=test@test.nl, CN=codesigning 2014, OU=Test, O="Test BV ", L=Stad, ST=ZH, C=NL (codesign) 
     [certificate is valid from 11-8-14 11:19 to 11-8-15 11:29] 
     X.509, CN=CA-TEST (ca-test) 
     [certificate is valid from 23-2-11 9:37 to 23-2-16 9:46] 

smk  792 Tue Oct 07 16:34:30 CEST 2014 nl/test/applet/TestApplet1.class 

     [entry was signed on 9-10-14 12:19] 
     X.509, EMAILADDRESS=test@test.nl, CN=codesigning 2014, OU=Test, O="Test BV ", L=Stad, ST=ZH, C=NL (codesign) 
     [certificate is valid from 11-8-14 11:19 to 11-8-15 11:29] 
     X.509, CN=CA-TEST (ca-test) 
     [certificate is valid from 23-2-11 9:37 to 23-2-16 9:46] 

      0 Tue Oct 07 16:33:50 CEST 2014 nl/ 
      0 Tue Oct 07 16:33:50 CEST 2014 nl/test/ 
      0 Tue Oct 07 16:33:50 CEST 2014 nl/test/applet/ 

    s = signature was verified 
    m = entry is listed in manifest 
    k = at least one certificate was found in keystore 
    i = at least one certificate was found in identity scope 

jar verified. 

我创建了标记一个非常基本的HTML文件：

<body> 
    <p>Test page TestApplet1</p> 

    <applet code="nl.test.applet.TestApplet1.class" 
     archive="TestApplet1.jar" 
     id="TestApplet1" 
     height="0" width="0"> 
    </applet> 

    <script type="text/javascript"> 
     alert(document.getElementById("TestApplet1").helloWorld()); 
    </script> 
</body> 

但是，当我将它部署在我的测试网站上并尝试运行小程序时，该小程序被安全设置阻止。我收到的消息是：“您的安全设置已阻止不可信的应用程序运行”。

当我将安全级别设置为“中”，使用Java控制面板，然后我再打开网页，我得到了安全警告：“从以下位置的未签名的应用程序要求运行许可。“

我的方法有什么问题？

顺便说一句，我已经将我的CA证书导入到IE证书存储中的受信任根CA中，并在Java控制面板中管理证书。

任何建议是值得欢迎的。

Answer 1

你需要做以下步骤：通过您的密钥

• 标志所有罐子确保你使用HTTPS。如果您使用的是
• HTTP或HTTPS你需要添加你的主机到安全例外列表中的自签署的SSL证书（jcontrol - >安全选项卡 - >编辑站点列表）

Answer 2

看看在this link

基本上，自签名的小应用程序的行为在你注意到的方式。这是因为Java的安全标准。如果你想删除警告，你需要购买证书。

希望这会有所帮助。