需要上网CA签名的小程序? [英] Is internet access needed for CA signed applet?
问题描述
我们codeD Java小程序,并通过认证机构,委托签了字。
当小程序是通过任何浏览器部署,我们可以在一个请求发送到CA取得Java控制台日志中看到:
We coded a java applet and signed it through a Certificate Authority, Entrust. When the applet is deployed through any browser, we can see in java console logs that a request is made to the CA:
network: Connecting http://ocsp.entrust.net/ with proxy=DIRECT
security: OCSP Response: GOOD
然而,我们的客户有一定的计算机在Intranet的没有的互联网连接。
那么,有没有办法避免任何互联网请求CA服务器?
So, is there a way to avoid any internet request to CA server?
推荐答案
您会发现从Java控制面板此选项>>高级选项卡
You will find this option from Java Control Panel >> Advanced tab
在执行证书吊销检查:
只有发行商证书;
在信任链中的所有证书(默认和建议);
不检查(不推荐)
Perform Certificate revocation checks on: Publishers certificate only; All certificates in the chain of trust (default and recommended); Do not check (not recommended)
http://www.java.com/en/download/help/ revocation_options.xml
不过,你将不得不改变它在内部网每台计算机。
However, you will have to change it for each computer in the intranet.
这篇关于需要上网CA签名的小程序?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!