Another try to open a message here

再次尝试在此处打开消息

My company wants to use the deployment rule set for multiple java versions usage.

我的公司想将部署规则集用于多个 java 版本的使用。

Currenly we have 1.6.0_13, 1.7.0_51 and 1.8.0_66 Java 8 is what selected in the System tab of the java control home User tab consists of java 6, 7 and 8

目前我们有 1.6.0_13、1.7.0_51 和 1.8.0_66 Java 8 是在 java 控件主页的系统选项卡中选择的用户选项卡由 java 6、7 和 8 组成

all the settings in deployment.properties are default and point to correct locations or values

deployment.properties 中的所有设置都是默认设置，并指向正确的位置或值

env variables set java_home ="C:\Program Files (x86)\Java\jdk1.8.0_66\bin" path = set to correct locations

env variables set java_home ="C:\Program Files (x86)\Java\jdk1.8.0_66\bin" path = 设置为正确的位置

The steps i followed are below,

我遵循的步骤如下，

1. create the keystore keytool -genkey -dname "cn=drstest, ou=abac, o=mycompany, c=SE" -keyalg RSA -keysize 2048 -alias testsign -keypass password -keystore mykeystore.jks -storepass password -validity 1460

2. downloaded the csr file keytool -certreq -alias testsign -file certreq.csr -keystore mykeystore.jks -storepass password

3. Used the csr file and sent it to my company's CA for signing.

4. Received two files: cer and p7b files from CA

5. Import CSR reply: keytool -import -trustcacerts -file certnew.p7b -alias testsign -keystore mykeystore.jks -storepass password

6. Downloaded and added required certificates of the chain in the keystore.

7. created the ruleset.xml

8. created the jar file using jar.exe jar.exe -cvf DeploymentRuleSet.jar ruleset.xml

9. signed the jar file the keystore jarsigner -keystore mykeystore.jks DeploymentRuleSet.jar testsign

10. added the time stamp jarsigner -verbose -keystore mykeystore.jks -storepass password -keypass password -tsa http://timestamp.comodoca.com/rfc3161DeploymentRuleSet.jar testsign -J-Dhttp.proxyHost=xxx.xxx.COM -J-Dhttp.proxyPort=8080

11. Placed the DeploymentRuleSet.jar in the C:\Windows\Sun\Java\Deployment folder

1. 创建密钥库 keytool -genkey -dname "cn=drstest, ou=abac, o=mycompany, c=SE" -keyalg RSA -keysize 2048 -alias testsign -keypass password -keystore mykeystore.jks -storepass password -validity 1460

2. 下载 csr 文件 keytool -certreq -alias testsign -file certreq.csr -keystore mykeystore.jks -storepass password

3. 使用了csr文件并发送给我公司的CA进行签名。

4. 收到两个文件：来自CA的cer和p7b文件

5. 导入CSR回复：keytool -import -trustcacerts -file certnew.p7b -alias testsign -keystore mykeystore.jks -storepass password

6. 在密钥库中下载并添加链所需的证书。

7. 创建了规则集.xml

8. 使用 jar.exe jar.exe -cvf DeploymentRuleSet.jar ruleset.xml 创建了 jar 文件

9. 签署 jar 文件 keystore jarsigner -keystore mykeystore.jks DeploymentRuleSet.jar testsign

10. 添加时间戳 jarsigner -verbose -keystore mykeystore.jks -storepass password -keypass password -tsa http://timestamp.comodoca.com/rfc3161DeploymentRuleSet.jar testsign -J-Dhttp.proxyHost=xxx.xxx.COM -J- Dhttp.proxyPort=8080

11. 将 DeploymentRuleSet.jar 放在 C:\Windows\Sun\Java\Deployment 文件夹中

Now when i test using the java control home Control panel -> Java -> Security tab -> View active deployment rule set ->

现在，当我使用 java control home 控制面板进行测试时 -> Java -> 安全选项卡 -> 查看活动部署规则集 ->

i get the message as "DeploymentRuleset.jar is invalid" "Can not verify rule set jar"

我收到消息“DeploymentRuleset.jar 无效”“无法验证规则集 jar”

I can see my certificate in the "View Certificate details"

我可以在“查看证书详细信息”中查看我的证书

Now i have spents so many hrs and have gone through so many webpages, and still dont know why it is invalid.

现在我花了这么多小时，浏览了这么多网页，仍然不知道为什么它是无效的。

This is not rocket science, but still i am stuck.

这不是火箭科学，但我仍然被卡住了。

Can some one point out where i am going wrong.

有人可以指出我哪里出错了。

********* i am not sure if there are any steps for cacerts file, if i have missed something for cacerts please guide me*************

********* 我不确定 cacerts 文件是否有任何步骤，如果我错过了 cacerts 的某些内容，请指导我*************

Regards

问候