这是我的新域名,因此不完全确定如何解释可用信息。
研究产生以下相关帖子:
http://www.theappguruz.com/blog/use-android-cursorloader-example
Version 1.50 + WebStart: signature not verified
但是,仍然不确定这是否是噪音,或者我的JVM或JDK环境中是否缺少配置。
我是否认为这些文件有效并且使用安全?
我需要做些什么来消除警告信息?
我的问题是如何解释此命令生成的以下消息:
jarsigner -verify -verbose -certs bcmail-jdk15on-157.jar
生成以下输出:
s 11224 Thu May 11 17:31:18 EDT 2017 META-INF/MANIFEST.MF
X.509, CN=Legion of the Bouncy Castle Inc., OU=Java Software Code Signing, O=Sun Microsystems Inc
[certificate is valid from 3/10/17 8:15 PM to 4/25/20 3:00 AM]
X.509, CN=JCE Code Signing CA, OU=Java Software Code Signing, O=Sun Microsystems Inc, L=Palo Alto, ST=CA, C=US
[certificate is valid from 4/25/01 3:00 AM to 4/25/20 3:00 AM]
[CertPath not validated: Path does not chain with any of the trust anchors]
[entry was signed on 5/11/17 3:31 AM]
X.509, CN=Legion of the Bouncy Castle Inc., OU=Java Software Code Signing, O=Oracle Corporation
[certificate is valid from 3/10/17 8:07 PM to 3/10/22 8:07 PM]
X.509, CN=JCE Code Signing CA, OU=Java Software Code Signing, O=Oracle Corporation
[certificate is valid from 7/6/16 7:48 PM to 12/30/30 7:00 PM]
[CertPath not validated: Path does not chain with any of the trust anchors]
8546 Thu May 11 17:31:20 EDT 2017 META-INF/BC1024KE.SF
2221 Thu May 11 17:31:20 EDT 2017 META-INF/BC1024KE.DSA
8546 Thu May 11 17:31:18 EDT 2017 META-INF/BC2048KE.SF
6365 Thu May 11 17:31:18 EDT 2017 META-INF/BC2048KE.DSA
0 Thu May 11 17:30:54 EDT 2017 org/
0 Thu May 11 17:30:54 EDT 2017 org/bouncycastle/
0 Thu May 11 17:30:54 EDT 2017 org/bouncycastle/mail/
0 Thu May 11 17:30:54 EDT 2017 org/bouncycastle/mail/smime/
0 Thu May 11 17:30:54 EDT 2017 org/bouncycastle/mail/smime/examples/
0 Thu May 11 17:30:54 EDT 2017 org/bouncycastle/mail/smime/handlers/
0 Thu May 11 17:30:54 EDT 2017 org/bouncycastle/mail/smime/util/
0 Thu May 11 17:30:54 EDT 2017 org/bouncycastle/mail/smime/validator/
sm 715 Thu May 11 17:27:56 EDT 2017 org/bouncycastle/mail/smime/CMSProcessableBodyPart.class
X.509, CN=Legion of the Bouncy Castle Inc., OU=Java Software Code Signing, O=Sun Microsystems Inc
[certificate is valid from 3/10/17 8:15 PM to 4/25/20 3:00 AM]
X.509, CN=JCE Code Signing CA, OU=Java Software Code Signing, O=Sun Microsystems Inc, L=Palo Alto, ST=CA, C=US
[certificate is valid from 4/25/01 3:00 AM to 4/25/20 3:00 AM]
[CertPath not validated: Path does not chain with any of the trust anchors]
[entry was signed on 5/11/17 3:31 AM]
X.509, CN=Legion of the Bouncy Castle Inc., OU=Java Software Code Signing, O=Oracle Corporation
[certificate is valid from 3/10/17 8:07 PM to 3/10/22 8:07 PM]
X.509, CN=JCE Code Signing CA, OU=Java Software Code Signing, O=Oracle Corporation
[certificate is valid from 7/6/16 7:48 PM to 12/30/30 7:00 PM]
[CertPath not validated: Path does not chain with any of the trust anchors]
.
.
.
s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
jar verified.
Warning:
This jar contains entries whose certificate chain is not validated.
This jar contains signatures that does not include a timestamp. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (2020-04-25) or after any future revocation date.
答案 0 :(得分:0)
BouncyCastle仅使用安全提供程序的特殊代码签名证书对JAR进行签名。为了在Java中使用JAR作为安全提供程序,这是必需的。 BouncyCastle没有签署JAR使用例如在applets或WebStart中。如果你需要使用它,例如在applet或WebStart中,您需要使用您的公共证书签署JAR 另外。