How to make a machine trust a self-signed Java app

2019-01-22 01:50发布

问题:

I'm deploying an application using JAWS, and it worked until late 2013 when I got a warning, and then this morning Java completely blocked it. The message in French is:

Application bloquée par les paramètres de sécurité
Vos paramètres de sécurité ont bloqué l'exécution d'une application auto-signée avec une version obsolete ou arrivée à expiration de Java.

which would translate roughly as:

Application blocked by the security settings
Your security settings have blocked from running an application that has been self-signed with an obsolete or outdated Java.

The grammar is not that clear, the end of the sentence could be read as either:

  • ...blocked a self-signed application from running with an obsolete or outdated Java [runtime], meaning that the local runtime is too old, but the self-signature is fine
  • ...blocked an application that has been self-signed with an obsolete or outdated Java [compiler], meaning that the Java compiler used is too old

I searched online for the exact same message in English, but I couldn't find it. So the grammar is still unclear. Note that on the message there is no Name: xyz / From: http://url/, there's only the text I typed above, and a blue "i" icon.

Now, I don't really understand the exact meaning of this error message, but I know that there is an issue because my JAR files are all self-signed. I have already faced this on other Windows clients, and it was easy:

  • I extracted a .cer certificate from my keystore;
  • Downloaded it on the client machine, open it;
  • Made the customers install it as a trusted source on their local machine.

It worked like a charm on my test setup and for one customer, but another one still has the issue and cannot run my software.

This is a big issue from me, and I don't know what to do. Should I upgrade my Java compiler, recompile everything, sign every JAR file again and cross fingers? How can I make that Windows box trust my certificate and let the Java application run?

回答1:

Just Go To *Startmenu >>Java >>Configure Java >> Security >> Edit site list >> copy and paste your Link with problem >> OK Problem fixed :)*



回答2:

SERIOUS DISCLAIMER

This solution has a serious security flaw. Please use at your own risk.
Have a look at the comments on this post, and look at all the answers to this question.


OK, I had to go to the customer premises and found a solution. I:

  • Exported the keystore that holds the signing keys in PKCS #12 format
  • Opened control panel Java -> Security tab
  • Clicked Manage certificates
  • Imported this new keystore as a secure site CA

Then I opened the JAWS application without any warning. This is a little bit cumbersome, but much cheaper than buying a signed certificate!



回答3:

I was having the same issue. So I went to the Java options through Control Panel. Copied the web address that I was having an issue with to the exceptions and it was fixed.



回答4:

I had the same problem, but i solved it from Java Control Panel-->Security-->SecurityLevel:MEDIUM. Just so, no Manage certificates, imports ,exports etc..