Blogs

Signing Java Applets Using RSA Certificate

2/19/08 10:00 PM

Generate a private/public key pair with the RSA algorithm.
$ keytool -genkey -keyalg rsa -alias keyname
Enter keystore password: password
What is your first and last name?
[Unknown]:
What is the name of your organizational unit?
[Unknown]:
What is the name of your organization?
[Unknown]:
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
[no]:
Enter key password for <keyname>
(RETURN if same as keystore password):

Generate the self-signed certificate containing the public key, valid for one year.
$ keytool -selfcert -alias keyname -validity 365
Enter keystore password: password

Use jarsigner to sign the JAR file, using the RSA credentials in your keystore that were generated in the previous steps. Make sure the same alias name is specified.
$ jarsigner MyApplet.jar keyname
Enter Passphrase for keystore: password

Verify the JAR file.
$ jarsigner -verify -verbose -certs MyApplet.jar
s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
jar verified.

Your applet has been signed properly. You are now ready to deploy your RSA signed applet.

By Vincent Kong

383 Views,

java