• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Success: how to self-sign an applet

 
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I created a simple Java applet. I jar'd it creating hw.jar and got it to work in a web page with an applet tag. I did all this on my PC and verified it using Firefox and IE7.

Next I added code in the applet to reference the local file system. This failed as expected, the Java console showing:

Exception in thread "AWT-EventQueue-2" java.security.AccessControlException: access denied (java.util.PropertyPermission user.dir read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at java.io.Win32FileSystem.getUserPath(Unknown Source)
at java.io.Win32FileSystem.resolve(Unknown Source)
at java.io.File.getAbsolutePath(Unknown Source)
at com.sbqsam.test.applets.HelloWorld$3.actionPerformed(HelloWorld.java:74)

So now I'm ready to sign the applet and see this error go away. I want to use a certificate that I generate myself; during development I don't want to have to pay to get a real certificate. Here are the exact steps that worked for me (Windows XP, sp 3):


-->keytool -genkey -keyalg rsa -alias sbqsam0
Enter keystore password: *****
Re-enter new password: *****
...
Enter key password for <sbqsam0>
(RETURN if same as keystore password): *****

-->keytool -export -alias sbqsam0 -file sbqsamCert.crt
Enter keystore password:
Certificate stored in file <sbqsamCert.crt>

-- I get an error doing this step:

-->jarsigner hw.jar sbqsamCert
Enter Passphrase for keystore:
jarsigner: Certificate chain not found for: sbqsamCert. sbqsamCert must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.

-->keytool -list
Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

-- Here's the critical step, provided by hyeomer's post of Sep 26, 2003 4:49AM
-- on this forum: http://forums.sun.com/thread.jspa?threadID=433828&tstart=960

-->keytool -export -alias sbqsam0 -rfc -file sig.x509
Enter keystore password:
Certificate stored in file <sig.x509>

-->jarsigner hw.jar sbqsam0
Enter Passphrase for keystore:

Warning:
The signer certificate will expire within six months.

When I display that directory there are only these three files:

03/22/2009 12:46 PM 6,062 hw.jar
03/22/2009 10:18 AM 627 sbqsamCert.crt
03/22/2009 12:16 PM 914 sig.x509

My next step is to move all this up to my web site. I'm hoping if I move these three files into the folder that contains the .html file with the <applet> tag which references hw.jar that it will all work.

-Sam
 
Ranch Hand
Posts: 2108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Great! How did it go in the server?
 
Samuel Quiring
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sorry for not following up. It worked for me.

-Sam
 
Ranch Hand
Posts: 36
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
my jar file which has the applet class files and image files is not able to load it. i have no idea why.. I have signed the jar file and all but it doesnt work ? any idea why ?
 
Jesus Angeles
Ranch Hand
Posts: 2108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Titus Abraham wrote:my jar file which has the applet class files and image files is not able to load it. i have no idea why.. I have signed the jar file and all but it doesnt work ? any idea why ?



Hi, are you doing this on a web application?

Does it work if you dont sign the jar?

What error are you getting (what does 'not able to load it' mean)?
 
Jesus Angeles
Ranch Hand
Posts: 2108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Samuel Quiring wrote:Sorry for not following up. It worked for me.

-Sam



It also worked for me. I just followed what you did.

Have you figured out how to 'import' a saved one into the default keystore (opposite of 'export')?

I tried but I am getting the error below:







 
Titus Abraham
Ranch Hand
Posts: 36
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hey... i was using a relative path. and relative paths do not work in applets. thats why i was getting error. thanks for the help.

 
reply
    Bookmark Topic Watch Topic
  • New Topic