Solved

signing an applet for IE

Posted on 2000-05-17
3
784 Views
Last Modified: 2010-05-18
Hi out there!
I got an question to signing the cab file. All the Files are in the bin directory of the sdk40. I wrote the following linies, everything's ok.
 
makecert -sk mykeyname -n "CN=my name" mytestcert.cer
cabarc myapplet.cab n  *.class + *.htm
cert2spc mytestcert.cer mytestcert.spc
signcode -j javasign.dll -jp print.ini myapplet.cab
 
 After this the error "There is no valid certificate in the my cert store " appears with "signing failed. Result = 8009200c, (-2146885620)" as error code. But that is only the thing that every manual tells me to do if i want an signed cab file to run my applet. In the print.ini is only one linie :
 
[com.ms.security.permissions.PrintingPemission]

I allready was on www.suitable.com/... and the other sites I found.
0
Comment
Question by:Randal_Flagg
3 Comments
 
LVL 1

Accepted Solution

by:
yatest5 earned 100 total points
ID: 2816977
I followed the stuff on http://www.suitable.com/Doc_CodeSigning.shtml and it all worked OK.

Here are my steps anyway.

1.  Make test certificate

makecert /sv "mykey.pvk" /n "CN=a name" mykey.cer

2.  Make .spc file

cert2spc mykey.cer mykey.spc

3.  tell IE to accept test root

setreg 1 TRUE

4.  Put all classes in a directory

5.  Call cabsign file as

cabsign dirname "mainfile" "low"

running in the directory immediately above the one with your classes in in the tree.

The cabsign thing is off the web site above and does all the stuff for you once you change the internal references to the .cer and .spc files.

I will replicate it below.  Copy it out and save it as cabsign.bat - then change the SET CERT FILE and SET KEY FILE links.  It then does all of the other stuff for you.

But, if you have any problems, I followed the instructions on the URL above and it worked fine, and what you have told me hasn't done that, copy the .bat files off the site such as the one below - it does work.

Good luck,

Tom

@ECHO OFF
REM This batch file creates and signs a .cab file. The first argument should be the
REM name of the directory of files to be put into the cabinet (NO terminating "\",
REM please!) The second argument should be the formal name of the
REM applet. The third argument should be low, medium or high (generally low).
REM Note: you should be in the directory containing the directory of
REM files to be CABbbed/signed when you run this.

REM I'll set up a couple of variables to make things more readable. You'll need to
REM edit these values to match your setup. If you get an error such as
REM "Out of environment space" then you'll have to increase your environment space.
REM (Boy, do I love DOS.)

REM This is the location of the digital ID certificate file (.spc). For convenience,
REM I put mine in the same directory as my Navigator ID database.
SET CERT_FILE="g:\codesigning\teleca.spc"

REM This is the location of the digital ID private key file (.pvk).
SET KEY_FILE="g:\codesigning\teleca.pvk"

REM First, create the CAB file. The arguments here are:
REM    -r        Recurse into subdirectories
REM    -p        Preserve path names
REM    -P [arg]  Strip the argument (here "%1\") from the beginning of each path
REM    N  [arg]  Create the given named .cab file
REM    [rest]    Put these files (here "%1\*.*") into the .cab file
REM Note! this does NOT use the -s option to reserve space for the signature;
REM the latest version of signcode (from the Java SDK 2.01) doesn't need this.
ECHO *********** About to create .cab archive using cabarc ***********
cabarc -r -p -P %1\ N %1.cab %1\*.*

REM Next, sign the code. Arguments are:
REM    -j javasign.dll    This provides the tools to do Java permission levels
REM    -jp  [arg]         The permission level to be used
REM    -spc [arg]         Software publishing certificate file
REM    -v   [arg]         Private key file
REM    -n   [arg]         Nice name of archive (shown in digital ID dialog)
REM    [arg]              Archive file to be signed (here "%1.cab")
ECHO *********** About to sign archive using signcode ***********
signcode -j javasign.dll -jp %3 -spc %CERT_FILE% -v %KEY_FILE% -n %2 %1.cab

REM Finally, timestamp the code. (I put this in a separate command to make each
REM command simpler.) NOTE! for this to work you must have an Internet
REM connection up and running. Arguments are:
REM    -x                 Timestamp the archive; do not sign it (it's already done)
REM    -t   [arg]         The timestamp server's HTTP address (here it's VeriSign)
REM    -tr  [arg]         The number of times to try timestamping before giving up
REM    [arg]              Archive file to be timestamped (here "%1.cab")
ECHO *********** About to timestamp .cab archive using signcode ***********
signcode -x -t http://timestamp.verisign.com/scripts/timstamp.dll -tr 5 %1.cab

REM Punt the various environment variables
SET CERT_FILE=
SET KEY_FILE=

ECHO *********** Done timestamping .cab archive ***********

0
 
LVL 7

Expert Comment

by:Ravindra76
ID: 2817117
0
 

Author Comment

by:Randal_Flagg
ID: 2824842
Very good answer.But I still have the problem when I use the spc and v Options, the compiler points me to use that option. So that thing doesnot work. I tried also tried some different settings.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Application launch issue with Apache Tomcat 5 45
Error trying to install RTMT Win7 5 60
print map entry 34 69
configure dependency in POM for new database 3 25
Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
Introduction This article is the first of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article explains our test automation goals. Then rationale is given for the tools we use to a…
Viewers learn about the “while” loop and how to utilize it correctly in Java. Additionally, viewers begin exploring how to include conditional statements within a while loop and avoid an endless loop. Define While Loop: Basic Example: Explanatio…
Viewers learn how to read error messages and identify possible mistakes that could cause hours of frustration. Coding is as much about debugging your code as it is about writing it. Define Error Message: Line Numbers: Type of Error: Break Down…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question