Java 7u51 不接受带有自签名证书的 JNLP? [英] Java 7u51 will not accept JNLP with self-signed certificate?

问题描述

我在网上看到 Java 版本 7u51(将于 2014 年 1 月发布)将不再接受我自签名的 Java Webstart 应用程序.

I read on the web that Java version 7u51 (to be released in January 2014) will no longer accept Java Webstart applications that are self-signed by me.

这是真的吗?

如果情况属实，我是否有机会为我的 JNLP 应用程序构建一个解决方法，以便我能够在 2014 年 1 月之后启动应用程序?

In case it is true, do I have any chance to build a workaround for my JNLP application, so that I am able to start the application even after January 2014?

我已经看到在 7u40 中删除了由于使用自签名证书而取消安全警告的选项.

I have seen that the option to suppress the security warnings because of the usage of a self-signed certificate was removed in 7u40.

推荐答案

是的，确实如此.这篇来自 Oracle 的博客条目提供了详细信息.

Yes, this is true. This blog entry from Oracle has the details.

据我所知，您可以通过三种方式继续工作:

As I understand it, you have three options for continuing to work:

1. 使用受信任的证书为您的应用签名
   • 通常，这是通过从 之一获取证书来完成的默认情况下，Java 信任根证书的供应商.
   • 您也可以使用自签名证书，如果您用户社区受到控制(例如，所有用户都在受管理的公司网络内，或同一编程课程中的所有学生).

1. Sign your app with a trusted cert
   • Normally, this is done by acquiring a cert from one of the vendors whose root certs are trusted by Java by default.
   • You can also use a self-signed certificate if your community of users is controlled (e.g. all within a managed corporate network, or all students in the same intro to programming class).

• 通过部署规则集(Oracle 的意图是 DRS 仅用于企业环境，您可以在其中通过集中管理技术推出此配置更新)
• 通过例外站点列表(我认为这类似于 DRS，但适用于没有集中管理的个人最终用户)

• via deployment rule sets (Oracle's intention is that DRSs are only to be used in corporate environments, where you can push out this configuration update via a centralized management technology)
• via the exception site list (I believe this is intended to be analogous to DRSes, but for individual end users without centralized management)

另见 我的问题 关于获取这些更新的预发布版本以进行测试.

See also my question about obtaining pre-release versions of these updates to test with.

这篇关于Java 7u51 不接受带有自签名证书的 JNLP?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！