我们的组织在 8 年前就在 java 上开发了一些应用程序,我们有一些客户在他们的环境中安装了我们的产品并提供服务。
在 java 7 update 51 中,java 更新了它们的安全性,所以它要求我们使用公共证书对 jar 文件进行签名。
客户不同意要求每个用户降低安全级别或将站点添加到控制面板 java 的异常列表中。
这里的问题是,是否所有客户都需要为他们自己购买一个证书并在罐子上签名,或者作为一个组织我们购买一个证书并且单个证书可以用于所有客户?
2 回答
1
如果您获得组织的证书,则可以使用它来签署您希望部署的任何 Java 应用程序。每个应用程序或客户不需要不同的证书。
于 2015-07-07T15:51:09.647 回答
0
It's not even necessary to avtually "buy" a certificate. You could create a self-signed certificate using the java keytool and use it to sign your code. Then your customers would have to install that certificate into their java trusted certificate store and everything should be fine.
"Buying" a certificate is only necessary when you need every computer with a standard-trustlist to be able to run your application, but if you're in close contact with your customers - as it seems you are - you should be able to hand them a self-created certificate for installation on their machines.
于 2014-03-04T11:19:40.463 回答