我想重启一台服务器,因此我在 Chrome 中打开了它的集成戴尔远程访问控制器,然后单击“启动虚拟控制台”,这导致 Chrome 下载了一个名称奇怪的文件。该文件在 Java Web Launcher 中打开,过了一会儿,出现了以下错误:
Unsigned application requesting unrestricted access to system
和:
The following resource is signed with a weak signature algorithm
MD5withRSA and is treated as unsigned
详细错误信息为:
JNLPException[category: 安全错误 : Exception: null : LaunchDesc:
<jnlp codebase="https://192.168.8.208:443" spec="1.0+">
<information>
<title>iDRAC7 Virtual Console Client</title>
<vendor>Dell Inc.</vendor>
<icon href="https://192.168.8.208:443/images/logo.gif" kind="splash"/>
<shortcut online="true"/>
</information>
<application-desc main-class="com.avocent.idrac.kvm.Main">
<argument>ip=192.168.8.208</argument>
<argument>vmprivilege=true</argument>
<argument>helpurl=https://192.168.8.208:443/help/contents.html</argument>
<argument>title=idrac-HB66YX1%2C+PowerEdge+M620%2C++%26%2325554%3B%26%2327133%3B+4%2C+%26%2329992%3B%26%2325143%3B%26%2365306%3B+root</argument>
<argument>user=2114738097</argument>
<argument>passwd=2007905771</argument>
<argument>kmport=5900</argument>
<argument>vport=5900</argument>
<argument>apcp=1</argument>
<argument>F2=1</argument>
<argument>F1=1</argument>
<argument>scaling=15</argument>
<argument>minwinheight=100</argument>
<argument>minwinwidth=100</argument>
<argument>videoborder=0</argument>
<argument>version=2</argument>
</application-desc>
<security>
<all-permissions/>
</security>
<resources>
<j2se version="1.6+"/>
<jar href="https://192.168.8.208:443/software/avctKVM.jar" download="eager" main="true"/>
</resources>
<resources os="Windows" arch="x86">
<nativelib href="https://192.168.8.208:443/software/avctKVMIOWin32.jar" download="eager"/>
<nativelib href="https://192.168.8.208:443/software/avctVMWin32.jar" download="eager"/>
</resources>
<resources os="Windows" arch="amd64">
<nativelib href="https://192.168.8.208:443/software/avctKVMIOWin64.jar" download="eager"/>
<nativelib href="https://192.168.8.208:443/software/avctVMWin64.jar" download="eager"/>
</resources>
<resources os="Windows" arch="x86_64">
<nativelib href="https://192.168.8.208:443/software/avctKVMIOWin64.jar" download="eager"/>
<nativelib href="https://192.168.8.208:443/software/avctVMWin64.jar" download="eager"/>
</resources>
<resources os="Linux" arch="x86">
<nativelib href="https://192.168.8.208:443/software/avctKVMIOLinux32.jar" download="eager"/>
<nativelib href="https://192.168.8.208:443/software/avctVMLinux32.jar" download="eager"/>
</resources>
<resources os="Linux" arch="i386">
<nativelib href="https://192.168.8.208:443/software/avctKVMIOLinux32.jar" download="eager"/>
<nativelib href="https://192.168.8.208:443/software/avctVMLinux32.jar" download="eager"/>
</resources>
<resources os="Linux" arch="i586">
<nativelib href="https://192.168.8.208:443/software/avctKVMIOLinux32.jar" download="eager"/>
<nativelib href="https://192.168.8.208:443/software/avctVMLinux32.jar" download="eager"/>
</resources>
<resources os="Linux" arch="i686">
<nativelib href="https://192.168.8.208:443/software/avctKVMIOLinux32.jar" download="eager"/>
<nativelib href="https://192.168.8.208:443/software/avctVMLinux32.jar" download="eager"/>
</resources>
<resources os="Linux" arch="amd64">
<nativelib href="https://192.168.8.208:443/software/avctKVMIOLinux64.jar" download="eager"/>
<nativelib href="https://192.168.8.208:443/software/avctVMLinux64.jar" download="eager"/>
</resources>
<resources os="Linux" arch="x86_64">
<nativelib href="https://192.168.8.208:443/software/avctKVMIOLinux64.jar" download="eager"/>
<nativelib href="https://192.168.8.208:443/software/avctVMLinux64.jar" download="eager"/>
</resources>
<resources os="Mac OS X" arch="x86_64">
<nativelib href="https://192.168.8.208:443/software/avctKVMIOMac64.jar" download="eager"/>
<nativelib href="https://192.168.8.208:443/software/avctVMMac64.jar" download="eager"/>
</resources>
</jnlp> ]
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
在Java\jre\lib\security\java.security文件中我更改了(默认)
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
行,将“1024”替换为“128”,并按照本页给出的说明清除所有缓存: https://www.blackmoreops.com/2017/06/08/fix-java-error-unsigned-application-requesting-unrestricted-access-to-system/
但是应用程序仍然无法加载。有人知道如何解决这种情况吗?
答案1
解决此问题的快速方法是注释掉jdk.jar.disabledAlgorithms文件 lib/security/java.security 中的设置。
评论此部分:
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024
Windows 上的路径类似于 C:\Program Files (x86)\Java\jre1.8.0_151\lib\security。
答案2
2022 年 11 月更新:避免未签名应用程序警报的评论
#, \ SHA1 拒绝2019-01-01之后
答案3
iDRAC6 固件版本 1.98 可以正确解决此问题。我在 iDRAC6 1.8 上遇到了同样的错误
获取固件.d6文件:
- 去iDRAC 6 主页
- 选择
iDRAC6 Monolithic FW或iDRAC6 Blade FW - 下载
iDRAC6_1.98_A00.exe - 使用 Windows 计算机运行提取器
- 找到解压的文件
firmimg.d6
将文件上传firmimg.d6至 iDRAC 固件更新页面。
答案4
尝试将服务器 IP 添加到 Java 控制面板中的受信任站点。为此,请在 Windows 中启动控制面板,单击 Java(您可能需要切换到图标视图才能看到 Java 图标)。在 Java 设置窗口中,选择“安全”选项卡,然后按窗口底部附近的“例外站点列表”下方的“编辑站点列表...”按钮。将您的服务器添加到受信任站点列表。
此后,Java 会弹出一个警告对话框,但允许您继续。
如果没有,那么最好的选择是安装旧版 Java (1.6) 来访问 iDRAC。
此外,您可能需要检查您的服务器是否有较新的固件,因为当前固件似乎有点过时。