Re: Signing Applets

Laura L. Evangelista Wed, 12 Aug 1998 23:01:49 -0400
Daniel W. Dulitz x108 238-3728 wrote:
> 
> >     Can I sign an applet (JAR file) without "purchasing"/needing
> > a certificate (digital ID)?
> 
> Well, you need a certificate, but you can generate the certificate
> yourself and be your own Certificate Authority (and you don't have to
> pay anyone).  I've did it a while ago and can give you pointers; it is
> indeed useful in carefully controlled circumstances.

What are these pointers?

> The most obvious case where it makes sense to do what you propose is
> if you have an applet that will run only on your corporate Intranet,
> and you want it to be able to play outside the sandbox.

Yes ... I simply wish to read data from a text file, create
objects out of it, and save them back to the file afterwards ...

> I don't remember where I obtained signtool10LinuxELF20.tar.gz, but I
> believe that was all I needed.

That's what I used ... I run:
        signtool -G"myCert" -k"myCert" -Z"client.jar" myDirectory

And so, I got my new certificate ... but when I run:
        signtool -l client.jar

the following message appears:

        NOTE -- "client.jar" archive DID NOT PASS crypto verification.
          (reported reason: Unknown issuer)

        entries shown below will have their digests checked only.

              status   path
        ------------   --------------------
            verified   Client.class
            verified   Client.java
            verified   index.html
            verified   items.txt

        NOTE -- "client.jar" archive DID NOT PASS crypto verification.
        The Certificate Authority (CA) for this certificate
        does not appear to be in your database. You should contact
        the organization which issued this certificate to obtain
        a copy of its CA Certificate.

And, when I try to run my applet on (Netscape Navigator 4.05),
here's what I get:

        # Error: The certificate issuer for this server is not
recognized by
        Netscape. The security certificate may or may not valid.

        Netscape refuses to connect to this server. (-8179)
        #       jar file: /tmp/jzip35D335A10080306
        #       path:     /tmp/jzip35D335A10080306
        # Error: loading of signatures has failed (-1)
        #       jar file: /tmp/jzip35D335A10080306
        #       path:     /~lala/dataEntry/file/

I've already tried a lot of things (downloaded
capsapi_classes.zip and SignTool and applied the codebase
principle) just to get this applet run in a browser, but to no
avail ... Please, help me on this.

Thank you.

-- Laura
Re: Signing Applets

Reply via email to
