This discussion is archived
3 Replies Latest reply: Mar 8, 2012 5:22 AM by sabre150 RSS

Problem signing an applet

user851191 Newbie
Currently Being Moderated
Hi everyone,

I have a problem, I have signed Applets with a valid certificate but in some S.O the root certificate there isn't in the "Trusted root CAs" this causes that I launch de Applet, java issue a message "This certificate is not trusted" is there a way to solve this problem, this Applet can be launch for users that don't know add certificate in the "Trusted root CAs",so add the certificate in the store not enough for me (the user doesn't know) , this could work well if I put certification chain in the code signing ??? there someone that know to do this ??

Thank so much, sorry by my english
  • 1. Re: Problem signing an applet
    sabre150 Expert
    Currently Being Moderated
    It would defeat the object of using a CA if an application could bypass the need for a trusted CA without any indication of a problem. Which CA are you using? Have your users 'updated' their systems recently?
  • 2. Re: Problem signing an applet
    user851191 Newbie
    Currently Being Moderated
    The C.A. is Izenpe, it's no possible 'updated' the users, the users can be anyone with Internet access, and some case the user have the CA in the S.O but in other case don't have the CA and I want solve this problem, I have heard that it can put the string in the applet signed certification and wanted to know if anyone knows anything about this.

    Regards
  • 3. Re: Problem signing an applet
    sabre150 Expert
    Currently Being Moderated
    user851191 wrote:
    The C.A. is Izenpe,
    Not really a well know CA and it would seem to be very new so anyone with an old system that has not been updated for some time will not accept it.
    it's no possible 'updated' the users, the users can be anyone with Internet access, and some case the user have the CA in the S.O but in other case don't have the CA and I want solve this problem,
    The problem is that your users do not have your CA in their list of CAs which can only be solved by either you using a more globally acceptable CA or by your users updating their systems.
    I have heard that it can put the string in the applet signed certification and wanted to know if anyone knows anything about this.
    Never heard of this but I would be very surprised and very very alarmed if there was such a security hole.

    Edited by: sabre150 on Mar 8, 2012 1:20 PM

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points