Solved

Problem with signing a JAR file !!

Posted on 2002-06-27
18
242 Views
Last Modified: 2010-03-31
Hi experts !!
I have tried signing JAR files a number of times but every time if failes. I even verified whether the JAR was signed which output's the term VERIFIED to the console.
Yet, when I run the applet on the browser it throws a security exception.

I created a keystore by specifying all required options. then used the keystore to sign the JAR using the jarsigner tool.

Wanna know how I could get the JAR signed correctly.
If U can explain this process briefly I guess it would do.

ThankX !!
--Din--

0
Comment
Question by:dineth
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
  • 4
  • +1
18 Comments
 
LVL 86

Expert Comment

by:CEHJ
ID: 7115002
Have you given the browser the key?
0
 

Author Comment

by:dineth
ID: 7115143
Hi CEHJ !!
How could that be done ?? please explain
0
 
LVL 86

Accepted Solution

by:
CEHJ earned 100 total points
ID: 7115159
The point here is that the browser must be in possession of a valid certificate, or signing the applet alone will not work. I'm not an expert on this sort of thing, but I think it's easier to import test certificates in Netscape. Maybe this link will help:
http://developer.netscape.com/docs/manuals/signedobj/signtool/signcert.htm#1027981
0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 92

Expert Comment

by:objects
ID: 7115404
What browser are we talking about?
0
 
LVL 92

Expert Comment

by:objects
ID: 7115405
IE uses cab's and not signed jars.
0
 
LVL 35

Expert Comment

by:girionis
ID: 8893477
No comment has been added lately, so it's time to clean up this TA.

I will leave a recommendation in the Cleanup topic area that this question is:

- points to CEHJ

Please leave any comments here within the
next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !

girionis
Cleanup Volunteer
0
 
LVL 92

Assisted Solution

by:objects
objects earned 100 total points
ID: 8897991
> The point here is that the browser must be in possession of a valid certificate

This is not true. The cert is installed automatically when the user grants it rights.
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 8900623
>>The cert is installed automatically when the user grants it rights.

It still must be valid part of a chain surely?
0
 
LVL 35

Expert Comment

by:girionis
ID: 8900730
 There must be a certificate somewhere in order to work. Another reason for recommending CEHJ's comment as answer is that the link provided is a valid one and explains how to do it.
0
 
LVL 92

Expert Comment

by:objects
ID: 8907308
> It still must be valid part of a chain surely?

No. Go to any site that uses signed jars and you can use them without having to import anything.

> Another reason for recommending CEHJ's comment as answer is that the link
> provided is a valid one and explains how to do it.

That link discusses importing test certs. The question mentions nothing about a test cert.


0
 
LVL 86

Expert Comment

by:CEHJ
ID: 8908197
>>Go to any site that uses signed jars and you can use them without having to import anything

That's great. That must mean nobody needs to buy a certificate - simply create their own and sign the jar (?)
btw, nobody was mentioning having to import anything.
0
 
LVL 35

Expert Comment

by:girionis
ID: 8908267
> That link discusses importing test certs. The question mentions nothing about a test cert.

  The process is the same for both test and production certificates.
0
 
LVL 92

Expert Comment

by:objects
ID: 8910343
> simply create their own and sign the jar (?)

Not sure I fillow what you mean.

> btw, nobody was mentioning having to import anything.

Isn't that what the link you posted discusses?

> The process is the same for both test and production certificates.

Not true. There is no need for users to manually import production certs
0
 
LVL 35

Expert Comment

by:girionis
ID: 8912034
> Not true. There is no need for users to manually import production certs

  AFAIK there is no need to import test certificates as well. You just need to trust the test issuer and accept the certificate.
0
 
LVL 92

Expert Comment

by:objects
ID: 8913703
>  AFAIK there is no need to import test certificates as well. You just need to trust
>  the test issuer and accept the certificate.

Why did you recomend the above comment as an answer if that is the case?

There are many reasons that could be causing this problem, dineth has not suppied sufficient information to determine the cause.
0
 
LVL 35

Expert Comment

by:girionis
ID: 8915394
> Why did you recomend the above comment as an answer if that is the case?

  Because once you accept the certificate it is imported in the system and saved in the database of trusted certificates, hence you do not have to accept it again. Therefore the system is in possesion of a valid certificate, regardless if it is from a trusted or untrusted source. For the browser it is valid as far as the browser is concerned.

  Anyway, I see where you are getting. CEHJ is talking about manually importing certificates whether you say that the certificate is imported automatically when the user accepts it. In either case it will work, it is just that CEHJ's suggestion requires a bit more of work.

  The best thing would be for the asker to get back and clarify, but since the question is probably abandonded the only thing I can do is to recommend CEHJ's comment as answer since it provides a possible solution.
0
 
LVL 92

Expert Comment

by:objects
ID: 8915440
> recommend CEHJ's comment as answer since it provides a possible solution.

If the cert is automatically imported then I'm not sure I understand how importing it would fix the problem.

As i suggested above the problem could also have been caused by (among other reasons) not using plugin. Seems more likely than the cert somehow not loading.
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This was posted to the Netbeans forum a Feb, 2010 and I also sent it to Verisign. Who didn't help much in my struggles to get my application signed. ------------------------- Start The idea here is to target your cell phones with the correct…
Introduction Java can be integrated with native programs using an interface called JNI(Java Native Interface). Native programs are programs which can directly run on the processor. JNI is simply a naming and calling convention so that the JVM (Java…
Video by: Michael
Viewers learn about how to reduce the potential repetitiveness of coding in main by developing methods to perform specific tasks for their program. Additionally, objects are introduced for the purpose of learning how to call methods in Java. Define …
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question