java – 如果签名jar(带有时间戳)的证书过期会发生什么

前端之家收集整理的这篇文章主要介绍了java – 如果签名jar(带有时间戳)的证书过期会发生什么前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我在2年前签了一个带有时间戳的jar(小程序).证书即将到期.会发生什么?是否会向用户发出警告,它是否会起作用?它会停止工作吗?

我没有向applet添加任何特定代码来处理时间戳.签名时我只包含-tsa网址.

编辑:它继续工作.

解决方法

Java 5 SE之前,签名证书已过期的签名jar将不再有效或可用.

使用Java 5 SE和更高版本,签名证书过期的签名jar将继续有效.但是,过期的证书不能用于签署任何进一步的jar.

From Oracle’s docs

Prior to J2SE 5.0,the signature generated by jarsigner contained no information about w hen the signature was generated. With no other information available,systems/deployers (including users of the Java Plug-in) often based their validity assessment of a signed JAR file on the validity of the signing certificate. When the signing certificate expires,systems/deployers conclude that the signature,and hence,the JAR file,has expired. Because signing certificates typically expire annually,this caused customers significant problems by forcing them to re-sign deployed JAR files annually.

Starting in J2SE 5.0,jarsigner can generate signatures that include a timestamp,thus enabling systems/deployer (including Java Plug-in) to check whether the JAR file was signed while the signing certificate was still valid. In addition,APIs were added in J2SE 5.0 to allow applications to obtain the timestamp information.

猜你在找的Java相关文章