Signing webstart with 1.5

Thread view:

doug.descombaz@gmail.com - 15 Aug 2006 17:17 GMT

I am signing a jar that I am deploying with webstart. When I click on
the link, the application loads, then dies without ever prompting me if
I trust the certificate or not. I looked at the console output, and the
application stopped because of a security exception. That is what I
would expect if the jar wasn't signed.

>> I used keytool to create a keystore on my local machine.
>> Signed the jar.
>> Pushed the jar to the webserver.
>> Attempted to start it.

I've found some messages regarding the need to get a proper certificate
in Java 1.5, but not being a security person, it wasn't clear to me
what certificate the person was talking about, or how to go about
getting one. (I assume I don't have to go to verisign to test an app?).

Reply to this Message

doug.descombaz@gmail.com - 16 Aug 2006 18:13 GMT

Nevermind,

The answer was that the <security> tag information had to be placed
before the <information> tag information. I think this is a work around
to an unusual bug. I posted it on sun. Perhaps they will agree with me,
or they will not. The behavior is different than 1.4.

> I am signing a jar that I am deploying with webstart. When I click on
> the link, the application loads, then dies without ever prompting me if
[quoted text clipped - 11 lines]
> what certificate the person was talking about, or how to go about
> getting one. (I assume I don't have to go to verisign to test an app?).

Reply to this Message

Signing webstart with 1.5

Free Magazines