Documentation Contents |
Applet Running In the Sun JavaTM Runtime Environment (JRETM) Is No Longer Signed After Repackaging the Signed
.cab
Files As.jar
Files.
SymptomsAfter repackaging signed
.cab
files as.jar
files, an applet running in the Sun JRE is treated as unsigned. But, the same applet which is packaged as.cab
files runs as signed in the Microsoft Virtual Machine (VM).Cause
Microsoft supports signing applets through its own proprietary Authenticode and
.cab
file technologies. The signing information is lost in the process of repackaging. As a result, the Sun JRE implementation treats the.jar
files as unsigned.Resolution
Sign the
.jar
files by using the jarsigner tool of the Java Development Kit (JDK) by using the following method:
- Obtain the Sun Java Signing certificate from VeriSign or the Java Code Signing certificate from Thawte or similar certificates from other Certificate Authorities (CAs). RSA certificates may be purchased from a Certificate Authority (CA) that supports RSA, such as Verisign and Thawte.
- Import the certificate into your keystore by using the keytool command and an alias name. For example, type the following command:
C:\>C:\jdk1.6.0\bin\keytool -import -alias MyCert -file VSSStanleyNew.cer- Type the
jarsigner
command to sign the.jar
file, by using the RSA credentials in your keystore that were generated in the previous step. Make sure the same alias name is specified. For example, type the following command:When you type the above command, the following response appears. Type the Passphrase that you provided while generating the credentials for keystore in the above step.C:\>C:\jdk1.6.0\bin\jarsigner C:\TestApplet.jar MyCertType the Passphrase that you provided while generating the credentials for keystore.Enter Passphrase for keystore:- Use "
jarsigner -verify -verbose -certs
" to verify the.jar
files.C:>C:\jdk1.6.0\bin\jarsigner -verify -verbose -certs d:\TestApplet.jar 245 Wed Mar 10 11:48:52 PST 2000 META-INF/manifest.mf 187 Wed Mar 10 11:48:52 PST 2000 META-INF/MYCERT.SF 968 Wed Mar 10 11:48:52 PST 2000 META-INF/MYCERT.RSA smk 943 Wed Mar 10 11:48:52 PST 2000 TestApplet.class smk 163 Wed Mar 10 11:48:52 PST 2000 TestHelper.class X.509, CN=XXXXXXX YYY, OU=Java Software, O=Sun Microsystems, L=Cupertino, ST=CA, C=US (mycert) X.509, CN=Sun Microsystems, OU=Java Plug-in QA, O=Sun Microsystems, L=Cupertino, ST=CA, C=US X.509, EmailAddress=server-certs@thawte.com, CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA s = signature was verified m = entry is listed in manifest k = at least one certificate was found in keystore i = at least one certificate was found in identity scope jar verified.Related Information
See Code Signing by VerSign and code-signing certificate support by Thawte for information on how to obtain certificates.
See Signing applets using RSA certificates for more information on how to sign applets.
Copyright © 1993, 2010, Oracle and/or its affiliates. All rights reserved. Please send comments using this Feedback page. |
Java Technology |