Can someone please tell me why am I recieveing this error message when my signed applet is being loaded?
Check netscape bits 5,6,7 value failed in certificate.
From the java code that I've found on this site below, it seems that I need to have either bit 5 & 6 set to false or bit 7 has to be set to true.
Here is the piece of java code.
/ Check Netscape certificate type extension
if (xcert.getExtensionValue(OID_NETSCAPE_CERT_TYPE) != null)
// Require either bits 5,6 are false or that at least bit 7 be true
if ((CertUtils.getNetscapeCertTypeBit(xcert, NSCT_SSL_CA) == true ||
CertUtils.getNetscapeCertTypeBit(xcert, NSCT_S_MIME_CA) == true) &&
CertUtils.getNetscapeCertTypeBit(xcert, NSCT_OBJECT_SIGNING_CA) == false)
msg = ResourceManager.getMessage("trustdecider.check.basicconstraints.bitvalue");
throw new CertPathValidatorException(msg);
Here is the NetscapeCertType section of my public key:
#6: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
Applet was signed by keytool without any warnings, which means all the required "signing" extensions have been provided.