Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Security >> Signed Applets

Problems signing Applet in jdk 1.3.1

Hi,

I have signed and deployed applets in 1.4.1. Since we have to port it to jdk 1.3.1, i have repeated the process ( recreated the certificate and signed the jar file using keytool, jarsigner shipped with jdk v 1.3.1_04). Now I am getting the java.security.cert.CertificateException: Unable to verify the certificate with root CA.

These are the steps I followed.

1. Created a keystore and certificate using keytool:

>keytool -genkey -alias krishna -keystore keystore . It prompted me for a store password, and I have supplied it.

> keytool -export -alias krishna -keystore keystore -file testcert.crt. It generated the certificate.

Then I added both the keystore ( which might not be necessary) as well as testcert.crt files to the jar file.

and I signed it using jarsigner. The jarsigner -verify says the jar is verified.

But after loading the html file, I get the CertificateException.

I don't have this problem when I first used 1.4.1

Do I have to use policy files. This would be inconvenience to the users if they have to import those policy files.

TIA,

Krishna

I am attaching the java console traces:

--

java.security.cert.CertificateException: Unable to verify the certificate with root CA

at sun.plugin.security.TrustDecider.isAllPermissionGranted(Unknown Source)

at sun.plugin.security.PluginClassLoader.getPermissions(Unknown Source)

at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)

at java.security.SecureClassLoader.defineClass(Unknown Source)

at java.net.URLClassLoader.defineClass(Unknown Source)

at java.net.URLClassLoader.access$100(Unknown Source)

at java.net.URLClassLoader$1.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at java.net.URLClassLoader.findClass(Unknown Source)

at sun.applet.AppletClassLoader.findClass(Unknown Source)

at sun.plugin.security.PluginClassLoader.findClass(Unknown Source)

at java.lang.ClassLoader.loadClass(Unknown Source)

at sun.applet.AppletClassLoader.loadClass(Unknown Source)

at java.lang.ClassLoader.loadClass(Unknown Source)

at sun.applet.AppletClassLoader.loadCode(Unknown Source)

at sun.applet.AppletPanel.createApplet(Unknown Source)

at sun.plugin.AppletViewer.createApplet(Unknown Source)

at sun.applet.AppletPanel.runLoader(Unknown Source)

at sun.applet.AppletPanel.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

[2567 byte] By [kbalusua] at [2007-9-29 23:32:36]
«« Converter Element - <converter-for-class>
»» GridBagLayout in Swing
# 1

Another interesting thing is, the applet ( jar) that is signed will display the security dialog if I connect from a client that has java plugin 1.4 ( jsdk 1.4) or if I copy it and run it on a j2sdk1.4 machine. I checked the java.policy files on both 1.3.1 machine and 1.4.1 and they are the same.

TIA

Krishna

kbalusua at 2007-7-16 3:58:26 > top of Java-index,Security,Signed Applets...
# 2
its depend on your JRE setting. Check your browser JRE used and JRE Option Panel setting that pointed to which version of JRE.
airqqa at 2007-7-16 3:58:26 > top of Java-index,Security,Signed Applets...
# 3
I am having the same problem, did you manage to find a solution?Thanks,DeltaCoder
DeltaCodera at 2007-7-16 3:58:26 > top of Java-index,Security,Signed Applets...
Security
Signed Applets

Security New Topic

Security Hot Topic

Security

All Classified