更新到 Java 版本 7 更新 51 后,我购买了代码签名证书并签署了我的小程序。我有主小程序(AppletDemo.jar)和另外两个小程序(commons-codec-1.7.jar 和 FDxSDKPro.jar),它们由主小程序使用。我用 DigiCert 证书签署了所有文件。
所有这些都经过签名,并使用 jarsigner 工具进行了验证,我收到这样的消息:
*s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
jar verified.*
当我尝试加载小程序时,我在 java 调试控制台中收到以下消息(真实的 url 被替换为标签):
basic: Plugin2ClassLoader.addURL parent called for <url>/fpApplet/AppletDemo.jar
basic: Plugin2ClassLoader.addURL parent called for <url>/fpApplet/FDxSDKPro.jar
basic: Plugin2ClassLoader.addURL parent called for <url>/fpApplet/commons-codec-1.7.jar
security: Certificate revocation enabled. Disable security validation optimizations.
security: Validate the certificate chain using CertPath API
security: Trust for: <url>fpApplet/FDxSDKPro.jar has ended: Thu Jan 01 01:00:00 CET 1970
security: Validate the certificate chain using CertPath API
security: Trust for: <url>/fpApplet/commons-codec-1.7.jar has ended: Thu Jan 01 01:00:00 CET 1970
security: Validate the certificate chain using CertPath API
network: Cache entry not found [url: <url>/fpApplet/, version: null]
security: Grant socket perm for <url>/fpApplet/ : java.security.Permissions@199a51e (("java.net.SocketPermission" "<url>" "connect,accept,resolve"))
basic: Your security settings have blocked an untrusted application from running
basic: exception: Your security settings have blocked an untrusted application from running.
com.sun.deploy.security.BlockedException: Your security settings have blocked an untrusted application from running
我认为,Applet 是因为这个和以下两行而被阻止的(信任:fpApplet/FDxSDKPro.jar 已结束:Thu Jan 01 01:00:00 CET 1970)。
我不知道如果 jar 被签名了怎么会发生这种情况?有没有人遇到过这样的问题?