避免因证书错误导致Java安全警告
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/21187852/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Avoid security warning of Java due to certificate error
提问by IT researcher
When i visit a java application running website I get error "application blocked by security settings"This is due to certificate problem. I know the publisher so i can trust him.
Then after a quick google search I changed security setting of java to mediumand also added the website to Execption website list. Still I am getting a different window asking me to accept risk and continue running application(Shown in image below). This window comes every time i run it. So how it can be avoided?
当我访问运行网站的 Java 应用程序时,出现错误"application blocked by security settings"这是由于证书问题。我认识出版商,所以我可以信任他。然后在快速谷歌搜索后,我将 java 的安全设置更改为medium,并将网站添加到Execption website list. 我仍然收到一个不同的窗口,要求我接受风险并继续运行应用程序(如下图所示)。每次我运行它时都会出现这个窗口。那么如何才能避免呢?
采纳答案by Marcus Adams
For an application that was signed by a legitimate code signing certificate (that itself was signed by a proper certificate authority in Java's web of trust), you will still see the above dialog, but without the red text. It will display the name on the certificate, and you will have a checkbox that allows you to automatically trust all apps from the same vendor, thus avoiding seeing the dialog again.
对于由合法代码签名证书(本身由 Java信任网络中的适当证书颁发机构签名)签名的应用程序,您仍将看到上述对话框,但没有红色文本。它将在证书上显示名称,您将有一个复选框,允许您自动信任来自同一供应商的所有应用程序,从而避免再次看到该对话框。
However, when the application was not legitimately signed, you will see the above dialog even on medium setting, but you can run it by "accepting the risk". On default security level, you may not even have the option to "accept the risk" and proceed, and on "very high", you will definitely not have the option to proceed.
但是,当应用程序未经合法签名时,即使在中等设置下,您也会看到上述对话框,但您可以通过“接受风险”来运行它。在默认安全级别上,您甚至可能没有“接受风险”并继续的选项,而在“非常高”时,您绝对没有继续的选项。
In order to avoid the dialog with the warning, the application will need to be signed. If it's signed by a legitimate code-singing certificate, it will behave as I described in the first paragraph. If it's self-signed, then the vendor will have to supply you with a copy of the root certificate they used to sign it, and you'll have to import the certificate into Java's store. Then, it will behave just like one that was legitimately signed.
为了避免出现带有警告的对话框,需要对应用程序进行签名。如果它由合法的代码签名证书签名,它将按照我在第一段中描述的方式运行。如果它是自签名的,那么供应商将必须向您提供他们用于签名的根证书的副本,并且您必须将证书导入 Java 的 store。然后,它的行为就像合法签名的一样。
