Solved

signing an applet for IE

Posted on 2000-05-17
3
769 Views
Last Modified: 2010-05-18
Hi out there!
I got an question to signing the cab file. All the Files are in the bin directory of the sdk40. I wrote the following linies, everything's ok.
 
makecert -sk mykeyname -n "CN=my name" mytestcert.cer
cabarc myapplet.cab n  *.class + *.htm
cert2spc mytestcert.cer mytestcert.spc
signcode -j javasign.dll -jp print.ini myapplet.cab
 
 After this the error "There is no valid certificate in the my cert store " appears with "signing failed. Result = 8009200c, (-2146885620)" as error code. But that is only the thing that every manual tells me to do if i want an signed cab file to run my applet. In the print.ini is only one linie :
 
[com.ms.security.permissions.PrintingPemission]

I allready was on www.suitable.com/... and the other sites I found.
0
Comment
Question by:Randal_Flagg
3 Comments
 
LVL 1

Accepted Solution

by:
yatest5 earned 100 total points
Comment Utility
I followed the stuff on http://www.suitable.com/Doc_CodeSigning.shtml and it all worked OK.

Here are my steps anyway.

1.  Make test certificate

makecert /sv "mykey.pvk" /n "CN=a name" mykey.cer

2.  Make .spc file

cert2spc mykey.cer mykey.spc

3.  tell IE to accept test root

setreg 1 TRUE

4.  Put all classes in a directory

5.  Call cabsign file as

cabsign dirname "mainfile" "low"

running in the directory immediately above the one with your classes in in the tree.

The cabsign thing is off the web site above and does all the stuff for you once you change the internal references to the .cer and .spc files.

I will replicate it below.  Copy it out and save it as cabsign.bat - then change the SET CERT FILE and SET KEY FILE links.  It then does all of the other stuff for you.

But, if you have any problems, I followed the instructions on the URL above and it worked fine, and what you have told me hasn't done that, copy the .bat files off the site such as the one below - it does work.

Good luck,

Tom

@ECHO OFF
REM This batch file creates and signs a .cab file. The first argument should be the
REM name of the directory of files to be put into the cabinet (NO terminating "\",
REM please!) The second argument should be the formal name of the
REM applet. The third argument should be low, medium or high (generally low).
REM Note: you should be in the directory containing the directory of
REM files to be CABbbed/signed when you run this.

REM I'll set up a couple of variables to make things more readable. You'll need to
REM edit these values to match your setup. If you get an error such as
REM "Out of environment space" then you'll have to increase your environment space.
REM (Boy, do I love DOS.)

REM This is the location of the digital ID certificate file (.spc). For convenience,
REM I put mine in the same directory as my Navigator ID database.
SET CERT_FILE="g:\codesigning\teleca.spc"

REM This is the location of the digital ID private key file (.pvk).
SET KEY_FILE="g:\codesigning\teleca.pvk"

REM First, create the CAB file. The arguments here are:
REM    -r        Recurse into subdirectories
REM    -p        Preserve path names
REM    -P [arg]  Strip the argument (here "%1\") from the beginning of each path
REM    N  [arg]  Create the given named .cab file
REM    [rest]    Put these files (here "%1\*.*") into the .cab file
REM Note! this does NOT use the -s option to reserve space for the signature;
REM the latest version of signcode (from the Java SDK 2.01) doesn't need this.
ECHO *********** About to create .cab archive using cabarc ***********
cabarc -r -p -P %1\ N %1.cab %1\*.*

REM Next, sign the code. Arguments are:
REM    -j javasign.dll    This provides the tools to do Java permission levels
REM    -jp  [arg]         The permission level to be used
REM    -spc [arg]         Software publishing certificate file
REM    -v   [arg]         Private key file
REM    -n   [arg]         Nice name of archive (shown in digital ID dialog)
REM    [arg]              Archive file to be signed (here "%1.cab")
ECHO *********** About to sign archive using signcode ***********
signcode -j javasign.dll -jp %3 -spc %CERT_FILE% -v %KEY_FILE% -n %2 %1.cab

REM Finally, timestamp the code. (I put this in a separate command to make each
REM command simpler.) NOTE! for this to work you must have an Internet
REM connection up and running. Arguments are:
REM    -x                 Timestamp the archive; do not sign it (it's already done)
REM    -t   [arg]         The timestamp server's HTTP address (here it's VeriSign)
REM    -tr  [arg]         The number of times to try timestamping before giving up
REM    [arg]              Archive file to be timestamped (here "%1.cab")
ECHO *********** About to timestamp .cab archive using signcode ***********
signcode -x -t http://timestamp.verisign.com/scripts/timstamp.dll -tr 5 %1.cab

REM Punt the various environment variables
SET CERT_FILE=
SET KEY_FILE=

ECHO *********** Done timestamping .cab archive ***********

0
 
LVL 7

Expert Comment

by:Ravindra76
Comment Utility
0
 

Author Comment

by:Randal_Flagg
Comment Utility
Very good answer.But I still have the problem when I use the spc and v Options, the compiler points me to use that option. So that thing doesnot work. I tried also tried some different settings.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Modeling a class in java 5 31
Running Jira on Raspberry PI 2? 3 117
Problem to start Neon 20 49
github account with ecipse 1 15
Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
Introduction This article is the first of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article explains our test automation goals. Then rationale is given for the tools we use to a…
Viewers learn about the third conditional statement “else if” and use it in an example program. Then additional information about conditional statements is provided, covering the topic thoroughly. Viewers learn about the third conditional statement …
Viewers learn about the scanner class in this video and are introduced to receiving user input for their programs. Additionally, objects, conditional statements, and loops are used to help reinforce the concepts. Introduce Scanner class: Importing…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now