File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Applets and the fly likes Signing .jar files for a Website Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Applets
Bookmark "Signing .jar files for a Website" Watch "Signing .jar files for a Website" New topic

Signing .jar files for a Website

Aluker DeBrownti

Joined: Jul 17, 2014
Posts: 3
I am currently trying to update a few java applets for a website. As of right now, the applets are automatically
blocked on all computers when they are accessed because the newest updates
for Java have caused them to be blocked. I have determined that the
solution to this is to resign the .jar files that are used to run the
application with a new certificate.

I requested and received a certificate (in pkcs 12 format, a .p12 file), imported it into
the computer, and used it to sign the .jar files. However, I have been
getting an error after signing the .jar files stating that the full
certificate chain of the code signing certificate is not valid.

I am not sure what to do from here. I've done a lot of internet
searching for a solution but haven't really found anything that applies to
our exact scenario. Prior to working on this project for work, I have never had any experience with this kind of thing
I contacted someone in the IT department at the University at which I work and he thought that maybe one of the intermediates within the certificate was either missing or illegitimate.
I tried to check the path of the certificate using a method he recommended (using OpenSSL) but didn't really find anything of use. Beyond that

Prior to this project, I had absolutely no knowledge of anything related to Java applets or web design. I would really appreciate any help you can offer me! I'd like to get the website operational as soon as possible!
Paul Clapham

Joined: Oct 14, 2005
Posts: 19973

I'd strongly suggest that you call the support line for the people who sold you the certificate and ask them what to do. (They charge you money, they should provide support.) As you say, you probably missed one step in the process. When I did that, there was something called something like "intermediate certificate" which I had to do something with -- but I don't remember what. Like you, signing jar files wasn't something I did every day.
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
  73 has a helpful and informative server test. Checking intermediate certificates is one of the many things it does.
Tony Docherty

Joined: Aug 07, 2007
Posts: 2837
And Welcome to the Ranch
Aluker DeBrownti

Joined: Jul 17, 2014
Posts: 3
Ulf Dittmer wrote: has a helpful and informative server test. Checking intermediate certificates is one of the many things it does.

I tried out this website, but it told me "Assessment failed. No security protocols supported." ...I'm not quite sure what to make of that.

I just contacted InCommon, who provided me with the certificate. I'm hoping they'll be able to shed some light on what's going on.

Thanks for all the responses!
I agree. Here's the link:
subject: Signing .jar files for a Website
It's not a secret anymore!