When Sun Microsystems introduced Java in 1995, applets were considered the killer feature for the business success of Java. Don
by cayhorstmann - 2014-08-13 01:02
It's now a year later, and I had to redo the process. This time, I ran into a nasty snag. I picked up the certificate with Firefox/Linux and exported it. But signing with the certificate did not work. jarsigner reported
Warning: The signer's certificate chain is not validated.
And the applet wouldn't load. The Java Plug-in said it was self-signed.
The reseller told me to import it into Internet Explorer and export it again. I was dubious, but it did work. Apparently, Firefox doesn't have the Comodo cert inside, but IE does, and then it adds it to your key.
If you run into such an issue, run
keytool -storetype pkcs12 -list -v -keystore yourcert.pfx
If the certificate chain has length 1 (as it dd for me when exporting out of Firefox), then try the IE trick.
by ianc10 - 2014-02-02 22:55
One feature of Amazon's EC2 Web Services is that you can download certificates in relation to your virtual server. Is it possible to use these certificates to sign Java applets with?
I have a fractal explorer applet at www.mandelmania.net, and as of this latest Java update, my applets are not able to run without changing the security level slider in the Java Control Panel or adding my website to the exception list.
My website is basically built around this applet, and it is frustrating to think that I will have to buy a certificate just to keep my website "alive".
by cayhorstmann - 2014-02-03 06:54
Unfortunately, you will have to get a certificate that is signed by one of the root certificate that is trusted by the Java runtime. You can find out which ones they are by running the Java Control Panel (jcontrol from the command line if you have the jre/bin directory on your PATH). Look at Security -> Manage certificates -> Secure Signer CA -> System.
Amazon is not listed there. Like I said, the least inexpensive route seems to be a Comodo reseller such as KSoftware or Tucows, which is close to $100 and a few fun hours of arguing with Comodo's outsourced staff on whether you are really yourself. If anyone has a cheaper/better way, I'd love to know.
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Participation.
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.