Hi, I've already spent hours on this, please post if you know whats going on. Thank you very much.
Here is the problem: I've a certificate file, say name is: mycert.crt. I've a JAR applet named myapplet.jar. I need to sign the applet so that it runs on a website. I know the private key and public key of the certificate. I tried to import it using the keytool:
Then I tried to sign the jar file using the following:
When I verify it, it says the JAR is signed.
However, when I try to run it I get the error message: The jar is signed but the application's digital signature is invalid (not exact wording).
I've an already signed jar that works fine but the one I try to sign does not work. Any solution? [ May 31, 2006: Message edited by: Tokai Moshai ]
4)sign the jar C:\j2sdk1.4.1_02\bin>jarsigner.exe -keystore C:\projectname\lib\security\.keystore -storepass ozziepassword C:\projectname\webApplication\dps.jar ozzie
Note: Assumes java is installed at C:\j2sdk1.4.1_02\ ;-) Note: The keytool will create the keystore C:\projectname\lib\security\.keystore can be left off to default to the jdk keystore (java.home\lib\security\.keystore), but you really don't not want to mess with the jdk keystore and have to reinstall. Note: MAKE SURE you write down the passwords used. In this case ozziepassword.
The standard SDK documentation will have both the keytool and the jarsigner in them. They are a little hard to read though.
You should still get a dialog that will ask you if you trust this applet, because it has not been signed by a known Root Authority, but it is good enough for development. Pick 'yes always' and you will be good to go.
Jeff Osborn<br />Procelerate Technologies<br /><a href="http://procelerate.com" target="_blank" rel="nofollow">procelerate.com</a>