问题
On one particular machine (Windows Server 2012R2 with current updates and JRE) I'm getting the classic "Your security settings have blocked a self-signed application from running" error. Obviously I can get around it by making my launch site (which is internal and for our own internal use only) trusted. However, I would like to solve the root cause if possible.
What's making this difficult to solve is:
A) It's NOT self-signed. It's signed with a JKS that contains our COMODO certificate and the chain of authority updates from COMODO (root and intermediate). It did however start when we received our latest certificate, was never a problem with the old one.
B) All the other machines we have accept the certificate as properly signed by COMODO (Windows 7, 8.1, Mac, Linux). It's just this one server that thinks it's self-signed.
Ideas?
回答1:
It turns out that for some reason, various Windows versions that we have installed can end up with dramatically different sets of root certificates. All the machines that worked fine had around 320 some certs installed, the machines that fail to work only had around 70. COMODO eventually issued us a replacement certificate designed to validate against a different root... That works fine on all our machines.
来源:https://stackoverflow.com/questions/27992275/why-does-java-on-one-particular-installation-think-im-self-signing