"the application's digital signature cannot be verified"

HLRosenberger
HLRosenberger used Ask the Experts™
on
I have a java applet that is signed.  The browser gives me "the application's digital signature cannot be verified".   Why is this?  What do I need to do to be a trusted publisher?   Or is this message normal, and user of the applet checks the box that says to always trust the publisher?  

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
To be a trusted publisher, you would have to sign the JAR file with a certificate provided by a Certificate Authority (CA), such as Verisign. If the user of the applet checks the box to always trust the publisher, then that JAR (and others you sign) would be trusted by that user.
Cryptographic Engineer
Commented:
to use from your own CA you need to sign using a code signing certificate.  the CA root certificate needs to be trusted within the Enterprise Trust store and the code signing cert trusted in the Trusted People store.  Check this in Certificates MMC (local computer).

Also since is Java you will want to update Java's own trust store you can do that from the Java control panel and import the root certificate into the signers list.  This will update the cacerts file and you can distribute that elsewhere.

Author

Commented:
I signed it using the jarsigner tool.  

Author

Commented:
good answer

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial