 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / Security / November 2003Policy File Relevant in Java Plug In 1.4.2
Is a policy file relevant for granting permissions to signed applets in the 1.4.2 plug in? I am trying to develop an applet that needs to have all access to machines and I don't want to buy a certificate from Verisign, etc. I am trying to use "keytool" to generate a self-signed certificate for testing. I use my applet in a browser and I get asked if I'd like to grant permissions and I answer "yes". Then when I try to make a call to create a socket connection to a different machine, I get a security violation. I've seen ALL KINDS of documentation on this concerning RSA vs. DSA, self-signed versus Verisigned certificates, etc. but nothing seems to help. There are very few commands I have at my disposal to monkey with. keytool, jarsigner and the HTML itself, the applet code itself... Help please, it's driving me nuts. "Hello, I bought a car but I don't want to contact DMV. Anyone knows a reliable way to print driver license so it looks totally like a real one? Can I get such printing system in whole for myself and my friends? We are all really good hurmless guys, we just hate to pay a penny unless we are really forced to". Thinking a bit deeper your question comes to this. since this last reply is pretty useless and unqualified, i try it. did you try to import your self-signed certificate in the truststore of your JRE or plug-in? for the plug-in you can do this in the plug-in panel. for the JRE itself, you can import the certificate into the j2re1.4.2\lib\security\cacerts file, which is just a Java keystore (JKS keystore type). you can use the keytool for this. howver, i am not sure if adding a a self-signed certificate has an effect. if it does not work with the self-signed certificate, you may download a software like openssl and setup a simple CA for your own. it is not a big deal and there is documentation about this in the net. if you add your own CA certificate to the store where the other certificates like Verisign's are, your CA should be treated the same way. if you use your applets and certificates only in a closed environment, or if it is feasible to install the CA certificate, it does not really make sense to buy a expensive certificate from a commercial CA. hope this helps. regards. Karl > "Hello, I bought a car but I don't want to contact DMV. Anyone knows a > reliable way to print driver license so it looks totally like a real [quoted text clipped - 3 lines] > > Thinking a bit deeper your question comes to this. > did you try to import your self-signed certificate in the truststore of your > JRE or plug-in? for the plug-in you can do this in the plug-in panel. for > the JRE itself, you can import the certificate into the [snip] > if you use your applets and certificates only in a closed environment, or if > it is feasible to install the CA certificate, it does not really make sense [quoted text clipped - 3 lines] > > Karl Thank you for your response. My application is indeed targeted at an internal "Intranet" environment. No deep thinking required here! Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.