dcsimg
Can I use a selfcert to sign my applet?
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   Andy_Sun
Posted On:   Tuesday, July 24, 2001 01:00 PM

Is it possible to use a self certificate without using a public CA to sign an applet and get it accepted?

At issue is an applet application for INTRA-net. We just want to applet to be able to read from client's disk. Do we have to get a certificate from a recognized CA (such as Verisign)?

We tried to generate a selfcert using "keytool -selfcert" command and signed the applet. Upon loading, the browser gives an error that certificate has failed to verify with the root CA.

Thanks in advance.

Re: Can I use a selfcert to sign my applet?

Posted By:   Anonymous  
Posted On:   Friday, August 3, 2001 08:03 PM

Applets signed with selfcert are by default not valid for the plug-in.
For testing purposes or some pc's on a small
network you can generate a own CA Key and Certificate (for example with openssl)
and import it to the /jre/lib/security/cacerts keystore.
Then generate a object signing certificate signed with the
own CA key and signing the applet with this cert.

This is a little bit complicated bit works
fine for testing, but if there are many computers
in a large network, you should get a offical
siging Certificate from Verisign or another
CA company.
About | Sitemap | Contact