Some things to try:

一些尝试：

• Go to the java plugin control panel ($JAVA_HOME/bin/ControlPanel).
• Go to the Advancedtab.
• Expand Debug
• Check Enable tracing, Enable logging, and Show applet lifecycle exceptions
• Expand Java console
• Check Show console
• Click OK(or Close, depending on your OS)

• 转到 java 插件控制面板 ($JAVA_HOME/bin/ControlPanel)。
• 转到Advanced选项卡。
• 扩张 Debug
• 检查Enable tracing, Enable logging, 和Show applet lifecycle exceptions
• 扩张 Java console
• 查看 Show console
• 单击OK（或Close，取决于您的操作系统）

When your applet loads the Java console will open. Click on it and immediately press '5'. It will log the jars and classes being fetched to run your applet. Somewhere in this there should be a message indicating what jars or classes are consider "unsigned". If you miss it the first time, just reload the window to try it again.

当您的小程序加载时，Java 控制台将打开。单击它并立即按“5”。它将记录为运行小程序而获取的 jars 和类。在这的某处应该有一条消息，指示哪些 jars 或类被认为是“未签名的”。如果你第一次错过了，只需重新加载窗口再试一次。

EDIT: Due to a bug in Java 7 Update 45 you should not add Trusted-Library to your manifest file. Just add the new attribute Caller-Allowable-Codebase. See this question for more info: Java applet manifest - Allow all Caller-Allowable-Codebase

编辑：由于 Java 7 Update 45 中的错误，您不应将 Trusted-Library 添加到清单文件中。只需添加新属性 Caller-Allowable-Codebase。有关更多信息，请参阅此问题：Java applet manifest - Allow all Caller-Allowable-Codebase

Java 7 Update 21 was released on April 16 2013 and caused our applet to start showing this warning dialog.

Java 7 Update 21 于 2013 年 4 月 16 日发布，导致我们的小程序开始显示此警告对话框。

Per the release notes: As of JDK 7u21, JavaScript code that calls code within a privileged applet is treated as mixed code and warning dialogs are raised if the signed JAR files are not tagged with the Trusted-Library attribute.

根据发行说明：从 JDK 7u21 开始，在特权小程序中调用代码的 JavaScript 代码被视为混合代码，如果签名的 JAR 文件没有使用 Trusted-Library 属性标记，则会引发警告对话框。

To fix this edit your manifest.mf file and add a line like this:

要解决此问题，请编辑您的 manifest.mf 文件并添加如下一行：

Trusted-Library: true

You should be very careful before doing this though. If your signed applet can be called from javascript then a malicious user can potentially do harmful things on your users' computers.

不过，在执行此操作之前，您应该非常小心。如果您的签名小程序可以从 javascript 调用，那么恶意用户可能会在您用户的计算机上做有害的事情。

One quick way to secure your applet is to prevent it from being run on other websites. Do this by putting code in the init()method that looks at getCodeBase().getHost()and throws an exception if it does not match your site.

保护您的小程序的一种快速方法是防止它在其他网站上运行。通过将代码放入init()方法中来执行此操作，getCodeBase().getHost()如果它与您的站点不匹配，则该方法会查看并抛出异常。

Java 7 Update 25 introduces another way to limit the sites where your applet can be run. You can set the Codebase attribute in your manifest file like this:

Java 7 Update 25 引入了另一种方法来限制可以运行小程序的站点。您可以在清单文件中设置 Codebase 属性，如下所示：

Codebase: test.example.com www.example.com

Java 7 Update 45 (releated October 16 2013) introduces more changes to the LiveConnect system (javascript-to-applet bridge) that may cause another prompt. This article talks about the 7u45 changes: https://blogs.oracle.com/java-platform-group/entry/liveconnect_changes_in_7u45

Java 7 Update 45（2013 年 10 月 16 日发布）对 LiveConnect 系统（javascript-to-applet 桥）引入了更多更改，这可能会导致另一个提示。这篇文章讲了 7u45 的变化：https://blogs.oracle.com/java-platform-group/entry/liveconnect_changes_in_7u45

Basically you'll also want to add the following to your manifest file to avoid the prompts:

基本上，您还需要将以下内容添加到清单文件中以避免出现提示：

Caller-Allowable-Codebase: test.example.com www.example.com

If you are selling a product that includes an applet and you don't know what domains it can be deployed on you can populate * here.

如果您正在销售包含小程序的产品，并且您不知道它可以部署在哪些域上，您可以在此处填写 *。

Mixing trusted and untrusted code together is a vulnerability that has been fixed in the 6u19 (the current CPU/SSR release at the time of writing). See the docs.Blocking the mix or using a debugger should show where the problem is.

将可信代码和不可信代码混合在一起是一个漏洞，该漏洞已在 6u19（撰写本文时的当前 CPU/SSR 版本）中修复。查看文档。阻止混合或使用调试器应该会显示问题所在。