This content has been marked as final. Show 5 replies
921326 wrote:Anyone can create a self signed certificate for any name they choose and an Applet signed using the certificate and it's associated private key will show that name BUT since it is self signed the user will be prompted to accept it since the signer CA will not be in the trust store. This allows anyone to create a self-signed Applet with name, say, Oracle when it has nothing to do with Oracle.
I signed my applet using self cert, and i got "UNKNOWN" publisher name.
So i want to ask if i can change this publisher name using self cert. or i have to buy a certification to get access to this parameter?
do you mean that i can put any name that i want using self certificate ?
if so how can i do this?
Check out the "-dname" argument to "keytool -genkeypair" - see http://docs.oracle.com/javase/1.5.0/docs/tooldocs/solaris/keytool.html .
I cannot see any effect by filling out the -dname like said in the linked article.
The only thing which is visible in the securty warning window is the "Name" and the "From" values. The "Publisher" value is still UNKNOWN.
When I try to compare the applet parameters or thinking about other reasons, how the values are filled out:
1. "Name" shows for sure the value of the applet parameter "name" (<applet name="..." ... </applet>)
2. "From" is maybe the web server adress where the hosted web application is running
but where does the value for "Publisher" comes from? Any ideas? Could you understand, what I mean or wha I'm asking for?
Thank you for any help.
Googling for "self signed certificate publisher" reveals this: http://stackoverflow.com/questions/6086524/how-can-i-set-the-publisher-name-in-my-signed-jar-file-using-a-self-signed-cert.
Most probably the first answer is right.