Problem with signing a JAR file !!

Hi experts !!
I have tried signing JAR files a number of times but every time if failes. I even verified whether the JAR was signed which output's the term VERIFIED to the console.
Yet, when I run the applet on the browser it throws a security exception.

I created a keystore by specifying all required options. then used the keystore to sign the JAR using the jarsigner tool.

Wanna know how I could get the JAR signed correctly.
If U can explain this process briefly I guess it would do.

ThankX !!
--Din--

dinethAsked:
Who is Participating?
 
CEHJConnect With a Mentor Commented:
The point here is that the browser must be in possession of a valid certificate, or signing the applet alone will not work. I'm not an expert on this sort of thing, but I think it's easier to import test certificates in Netscape. Maybe this link will help:
http://developer.netscape.com/docs/manuals/signedobj/signtool/signcert.htm#1027981
0
 
CEHJCommented:
Have you given the browser the key?
0
 
dinethAuthor Commented:
Hi CEHJ !!
How could that be done ?? please explain
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
objectsCommented:
What browser are we talking about?
0
 
objectsCommented:
IE uses cab's and not signed jars.
0
 
girionisCommented:
No comment has been added lately, so it's time to clean up this TA.

I will leave a recommendation in the Cleanup topic area that this question is:

- points to CEHJ

Please leave any comments here within the
next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !

girionis
Cleanup Volunteer
0
 
objectsConnect With a Mentor Commented:
> The point here is that the browser must be in possession of a valid certificate

This is not true. The cert is installed automatically when the user grants it rights.
0
 
CEHJCommented:
>>The cert is installed automatically when the user grants it rights.

It still must be valid part of a chain surely?
0
 
girionisCommented:
 There must be a certificate somewhere in order to work. Another reason for recommending CEHJ's comment as answer is that the link provided is a valid one and explains how to do it.
0
 
objectsCommented:
> It still must be valid part of a chain surely?

No. Go to any site that uses signed jars and you can use them without having to import anything.

> Another reason for recommending CEHJ's comment as answer is that the link
> provided is a valid one and explains how to do it.

That link discusses importing test certs. The question mentions nothing about a test cert.


0
 
CEHJCommented:
>>Go to any site that uses signed jars and you can use them without having to import anything

That's great. That must mean nobody needs to buy a certificate - simply create their own and sign the jar (?)
btw, nobody was mentioning having to import anything.
0
 
girionisCommented:
> That link discusses importing test certs. The question mentions nothing about a test cert.

  The process is the same for both test and production certificates.
0
 
objectsCommented:
> simply create their own and sign the jar (?)

Not sure I fillow what you mean.

> btw, nobody was mentioning having to import anything.

Isn't that what the link you posted discusses?

> The process is the same for both test and production certificates.

Not true. There is no need for users to manually import production certs
0
 
girionisCommented:
> Not true. There is no need for users to manually import production certs

  AFAIK there is no need to import test certificates as well. You just need to trust the test issuer and accept the certificate.
0
 
objectsCommented:
>  AFAIK there is no need to import test certificates as well. You just need to trust
>  the test issuer and accept the certificate.

Why did you recomend the above comment as an answer if that is the case?

There are many reasons that could be causing this problem, dineth has not suppied sufficient information to determine the cause.
0
 
girionisCommented:
> Why did you recomend the above comment as an answer if that is the case?

  Because once you accept the certificate it is imported in the system and saved in the database of trusted certificates, hence you do not have to accept it again. Therefore the system is in possesion of a valid certificate, regardless if it is from a trusted or untrusted source. For the browser it is valid as far as the browser is concerned.

  Anyway, I see where you are getting. CEHJ is talking about manually importing certificates whether you say that the certificate is imported automatically when the user accepts it. In either case it will work, it is just that CEHJ's suggestion requires a bit more of work.

  The best thing would be for the asker to get back and clarify, but since the question is probably abandonded the only thing I can do is to recommend CEHJ's comment as answer since it provides a possible solution.
0
 
objectsCommented:
> recommend CEHJ's comment as answer since it provides a possible solution.

If the cert is automatically imported then I'm not sure I understand how importing it would fix the problem.

As i suggested above the problem could also have been caused by (among other reasons) not using plugin. Seems more likely than the cert somehow not loading.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.