Hello, I am running into an issue hopefully someone here can help me with.
First, I am using Java 8 on a Windows 10 machine (64 bit) and using Internet Explorer 11 as my web browser.
I have a jnlp file that I have hosted on a local tomcat server. My problem is that when I try to launch the application it always gives me that prompt which says
"Do you want to run this application"
"Running this application may be a security risk"
There is no option to not show this message in the future.
I've searched google articles, looked at videos online, made changes to internet explorer options and through java control panel, added the URL to the site exception list, restarted my system and nothing seems to have any effect.
Anyone have any thoughts on how I can go about preventing this message from appearing.
Yes....I believe so. I am not all that familiar with signing, generating keys etc but I followed the steps listed online to create a JNLP file. Part of that included "signing the jar file.
For that I ran the genkey command for example like so...
and I also created a keystore like so...
jarsigner -keystore C:\local.keystore https://freetsa.org/tsr myfile.jar myalias
after that I created a jnlp file and then placed both the jar file and jnlp file on my webserver ROOT directory.
I should note that when I just double click on the file the java file comes up with no problem. I only see this issue when I try to launch the jnlp file by clicking on a link from the web browser (ie 11 in this case)
Also, I should mention that I know webstart in general is a tech that's being depreciated and that my version of java is older, my browser is older etc, but for my specific purposes I need to use this tech.
Then it looks to me like you signed the jar file but not the JNLP file. Although I have to say, it's been a very long time since I had to sign JNLP files and I disliked the whole digital signature business when I had the task.
posted 3 months ago
Thanks. So I am a total newbie to signing jars, jnlp, files etc. Certificates and keys has never been my strong suit. However, from the documentation I read, I was under the impression that you only had to sign the jar file and that takes care of the JNLP if it's included, but sounds like this is not so?
I will search more on my own as well but if anyone knows which direction to point me in please feel free.
btw not sure if this makes a difference but when I said...
"after that I created a jnlp file and then placed both the jar file and jnlp file on my webserver ROOT directory. "
by jnlp file I meant the jnlp configuration file.
I basically followed the following 6 steps...
1) Create a java application
2) Package the java application into a ".jar" file
jar -cf MyApplication.jar