Question

I'm working on a Java Applet that used to be self-signed. Now that Java 7u51 is being used, I am working to get the jar for the Applet signed.

I used the certificate/key used for the Apache2 SSL to sign the jar. In order to do this I had to create a new keystore using the key/certificate, and the Not Yet Commons SSL library.

If I run jarsigner -verify on the applet jar, I get:

This jar contains entries whose signer certificate's ExtendedKeyUsage extension
doesn't allow code signing.

The applet is still getting an invalid certificate error. I can view the certificate, and it is the same certificate used for SSL. The error message says that it was blocked due to being self-signed, but this is not a self-signed certificate!

I can run the applet when I move the security settings down to "medium", but this is unacceptable for this project.

The certificate I used to sign this is part of a chain (about 4 long). Is there a way I need to sign the jar using the whole chain? Do I need to use a Code Signing certificate?

Solution

I'm no longer working on this project, so am closing this question. The solution we went with was to add security exceptions for the URL that the applet was hosted from using a group policy.

Licensed under: CC-BY-SA with attribution