Signed Java Applet not Working
Question
I'm working on a Java Applet that used to be self-signed. Now that java 7u51 is being used, I am working to get the jar for the Applet signed.
I used the certificate/key used for the apache2 ssl to sign the jar. In order to do this I had to create a new keystore using the key/certificate, and the Not Yet Commons SSL library.
If I run jarsigner -verify on the applet jar, i get:
This jar contains entries whose signer certificate's ExtendedKeyUsage extension
doesn't allow code signing.
The applet is still getting an invalid certificate error. I can view the certificate, and it is the same certificate used for SSL. The error message says that it was blocked due to being self-signed, but this is not a self-signed certificate!
I can run the applet when I move the security settings down to "medium", but this is unacceptable for this project.
The certificate I used to sign this is part of a chain (about 4 long). Is there a way I need sign the jar using the whole chain? Do I need to use a Code Signing certificate?
1 answers
solution1
0 ACCPTED 2014-07-22 15:28:58
I'm no longer working on this project, so am closing this question. The solution we went with was to add security exceptions for the URL that the applet was hosted from using a group policy.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.