我已经购买了用于签署我的jar文件的代码签名证书。将整个信任链添加到密钥库,签署并验证jar文件后,我得到了这个输出:
sm 905 Tue Jul 22 15:48:42 CEST 2014 com/siemens/util/OSLogin$1.class
sm 881 Tue Jul 22 15:48:42 CEST 2014 com/siemens/util/OSLogin$2.class
sm 1802 Tue Jul 22 15:48:42 CEST 2014 com/siemens/util/OSLogin.class
s 434 Tue Jul 22 15:48:42 CEST 2014 META-INF/MANIFEST.MF
444 Tue Jul 22 15:48:42 CEST 2014 META-INF/_B8D178A3-25F1-4475-8D11-C37
A786279F4_.SF
6413 Tue Jul 22 15:48:42 CEST 2014 META-INF/_B8D178A3-25F1-4475-8D11-C37
A786279F4_.RSA
s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
jar verified.
Warning:
This jar contains signatures that does not include a timestamp. Without a timest
amp, users may not be able to validate this jar after the signer certificate's e
xpiration date (2017-07-21) or after any future revocation date.
但是在将jar复制到Web服务器并在同一系统上打开网页后,我得到“证书无效......” 我错过了什么?我是代码签名的新手。
此致 mannson