发表新帖
发表新帖

-tsa or -tsacert timestamp for applet jar self-signed

前端 未结
关注
4 2087
生来不讨喜
生来不讨喜 2020-12-05 02:08

When I was trying to self-sign in the jar like below.

jarsigner -keystore my keystore myjar.jar myalias

It gives warning like:

4条回答
  • 时光说笑
    时光说笑 (楼主)
    2020-12-05 02:16

    This warning tells you that your jar's certificate will expire in may. Hence, users will not be able to execute your program after this date.

    To improve the situation, the timestamp feature was added. This way, you can tell users: "I used the certificate at this point of time (which is provided and verified by the time stamp agency - tsa), when it was still valid!" As long as you do not change and resign your jar, it will still run, even after the certificate expires, because users see that at the point of creation the certificate was indeed valid.

    For reference: http://docs.oracle.com/javase/7/docs/technotes/guides/security/time-of-signing.html

    tl;dr: if you ignore the warning, your jar won't run after 14-05-08. Add a timestamp, and it will still run as long as you don't modify anything.

    Regards

    0 讨论(0)
 看不清?
提交回复
热议问题