1. 技术文章
  2. Signed Applet does not load

Signed Applet does not load

拥有回忆 提交于 2019-12-13 05:18:39

问题


I've a simple HelloWorld applet, I am embedding that in the HTML. It worked fine. But I put the applet in the jar and signed the jar, but it does not load saying "Self signed jars can't be supported" I am signing using ICA issued cert. More over we never faced this issue before 1.7.51 version. BTW : I went through Oracle Documentation on adding parameters

According to it I tried to add following attributes in the signed MANIFEST.MF namely : Permissions: sandbox, Trusted-Library: true but this also did not help. I am not sure I'am missing something.

Manifest looks like this :

Manifest-Version: 1.0
Trusted-Library: true
Permissions: all-permissions
Application-Library-Allowable-Codebase: *
Caller-Allowable-Codebase: *
Codebase: *

Created-By: 1.7.0_45 (Oracle Corporation)

Name: HelloWorld$1.class
SHA1-Digest: xcxzcbxzcbxzcbxzcb=

Name: HelloWorld.class
SHA1-Digest: xaadfasfdasdfsafd=

Adding console logs :

com.sun.deploy.security.BlockedException: Your security settings have blocked a self-signed application from running
    at com.sun.deploy.security.SandboxSecurity.showBlockedDialog(Unknown Source)
    at com.sun.deploy.security.TrustDecider.askUser(Unknown Source)
    at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
    at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.getTrustedCodeSources(Unknown Source)
    at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source)
    at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)

Thanks. JE

回答1:


The Trusted-Library entry is relevant only before Java 1.7.45. Since that you need to add the parameters mentioned in that question.




回答2:


Well I found the solution for this :

Check following three things.

1) Certificate has valid chain upto root and CA/ICA are public root.
2) Manifest.MF must have 2 attributes.
  • Codebase: < location/hostname on which you are going to deploy your jar>
  • Permissions: One of two values (Sandbox or all-permissions)

Check more information here.



来源:https://stackoverflow.com/questions/23515669/signed-applet-does-not-load

标签
code-signing
code-signing-certificate
signed-applet
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!