{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 一夜七次 的问题《How to suppress the keystore password prompt when》','https://www.manongdao.com/q-658943.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Is there a way to suppress the password prompt when using Java Webstart with a https server that uses client authentication? I would like to do this, because the webstarted app runs on a touch screen device that got no keyboard and runs in a kiosk mode. Therefore it would be sufficient to either remove the password from the keystore or to store it somewhere, maybe in the desktop shortcut that starts the app.
I already tried to attach a JVM Parameter to the shortcut like this, but it doesn't work:
javaws -J-Djavax.net.ssl.keyStorePassword=mypass https://...
I also found out, when I activate the "use browser keystore"-option in the Java Control Panel and add the certificate to it, I can cancel the password prompt and still connect successfully. It seems like only the Java-Keystore asks for a password and Internet-Explorer's doesn't.
You try to use a custom KeystoreProvider implementation. It is not that hard to create and I assume that you could override the need for the password. You will need to customize the security.properties of the JRE that is used to launch the webstart application.
Although in your case ... is there a reason why you don't want to use the browser keystore ? In that case you don't have a problem.
David
I think the issue is with the Certificate Authority (CA)! If your webstart app is signed with a certificate approved by a CA already part of the JVM list of CA (Verisign, Thawte, ...) no password needed to add the app key to the local keystore.
So, if you want you can store manually in the Java default keystore your own Certificate Authority (will require a password once), and then sign you jars with a certificate issued from this private CA.
I don't know which JVM you use on your device (I had some issue with IBM JDK doing the above trick), but it should work!