I try to sign my Applet and followed the best practices described by Oracle.
I try to deploy the Applet in a corporate Windows environment and sign the Applet via a private/public key stored in the Windows key store (storetype:windows-my), code sign key supplied by corperate. When I verify the signed jar all seems oke and all keys are valid.
Only whatever I do the applet doesn't run in Java 7u25. When I do not sign the applet, it runs fine.
When running Java version below 7u25 the Applet also runs fine.
I understand there is a major change in 7u25 concerning handling certificates only I am lost to find a solution to let my Applet run under 7u25.
It seems my certificate is expired (or in the chain), only it is not, all certificates are in order, also during verify there seems to be no problem.
Do I encounter a bug in 7u25? Or do I miss something?
I jar my project with following statement:
jar cvfm projx.signed.J7.25.H1.jar MANIFEST.MF -C ..\projx\ .
And add a index:
jar i projx.signed.J7.25.H1.jar
Repack the jar:
pack200 --repack projx.signed.J7.25.H1.jar
Add a timestamp:
jarsigner -storetype windows-my -tsa http://tsa.starfieldtech.com/ projx.signed.J7.25.H1.jar MYKEY
Sign the jar:
jarsigner -verbose -storetype windows-my -certs projx.signed.J7.25.H1.jar MYKEY
Pack the jar:
pack200 projx.signed.J7.25.H1.jar.pack.gz projx.signed.J7.25.H1.jar
<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="" href="">
<title>My test project to learn signing</title>
<!-- Application Resources -->
<j2se version="1.7+" href="http://java.sun.com/products/autodl/j2se"/>
<jar href="projx.signed.J7.25.H1.jar" main="true" />
name="My Test Applet"
tx in advance zulu!