|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
I'm surprised that nobody else on this list is interested in this problem. I'm sure I've seen other developers who rely on Java Web Start here. There's a little discussion on stackoverflow about this, here, but I'll post the gist below if anyone has any ideas:
We've been able to determine that you can sign a jnlp file with codesign, using the "Developer ID Application" Certificate, like this:
The result from this operation seems to pass Gatekeeper on the local machine. However, it seems like the signature gets stored as extended HFS attributes, and as a result, it is not transmitted if a user fetches the file from a HTTP transaction.
It might work if you took the .jnlp file, and packaged it in some kind of container, like a .dmg or maybe a .tar.gz, however, that's both a lot of work, and it provides a fairly challenging user experience.
Anyone have any idea how one might transport a codesigned jnlp, to a user via HTTP, /without/ the user needing to manually unpack an archive of some sort?
On Jun 5, 2013, at 5:40 PM, Steve Kann <email@hidden> wrote:
_______________________________________________ Do not post admin requests to the list. They will be ignored. Java-dev mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: This email sent to email@hidden
|>JNLP signing requirement. (From: Steve Kann <email@hidden>)|
Visit the Apple Store online or at retail locations.
Copyright © 2011 Apple Inc. All rights reserved.