Question

我有一个简单的HelloWorld applet，我将其嵌入到HTML中。它工作正常。但我把小程序放在jar中并签署了jar，但它没有加载说“我不能支持自签名罐子”我正在使用ICA颁发的证书进行签名。在1.7.51版本之前，我们从未遇到过这个问题。顺便说一句：我经历了Oracle Documentation on adding parameters

根据它，我尝试在签名的MANIFEST.MF中添加以下属性，即：权限：sandbox，Trusted-Library：true 但这也没有帮助。我不确定我错过了什么。

Manifest看起来像这样：

Manifest-Version: 1.0
Trusted-Library: true
Permissions: all-permissions
Application-Library-Allowable-Codebase: *
Caller-Allowable-Codebase: *
Codebase: *

Created-By: 1.7.0_45 (Oracle Corporation)

Name: HelloWorld$1.class
SHA1-Digest: xcxzcbxzcbxzcbxzcb=

Name: HelloWorld.class
SHA1-Digest: xaadfasfdasdfsafd=

添加控制台日志：

com.sun.deploy.security.BlockedException: Your security settings have blocked a self-signed application from running
    at com.sun.deploy.security.SandboxSecurity.showBlockedDialog(Unknown Source)
    at com.sun.deploy.security.TrustDecider.askUser(Unknown Source)
    at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
    at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.getTrustedCodeSources(Unknown Source)
    at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source)
    at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)

enter image description here 谢谢。 JE

Answer 1

Trusted-Library条目仅在Java 1.7.45之前相关。因为您需要添加question中提到的参数。

Answer 2

我找到了解决方案：

检查以下三件事。

1) Certificate has valid chain upto root and CA/ICA are public root.
2) Manifest.MF must have 2 attributes.

代码库：＆lt;您将要部署jar的位置/主机名＆gt;
权限：两个值之一（沙箱或所有权限）

查看更多信息here。

已签名的Applet无法加载

2 个答案: