0 Replies Latest reply: Sep 4, 2013 7:00 PM by .:zulu:. RSS

    When I sign my Applet it doesn't work anymore in Java 7u25

    .:zulu:.

      I try to sign my Applet and followed the best practices described by Oracle.

       

      I try to deploy the Applet in a corporate Windows environment and sign the Applet via a private/public key stored in the Windows key store (storetype:windows-my), code sign key supplied by corperate. When I verify the signed jar all seems oke and all  keys are valid.

       

      Only whatever I do the applet doesn't run in Java 7u25. When I do not sign the applet, it runs fine.

      When running Java version below 7u25 the Applet also runs fine.

       

      I understand there is a major change in 7u25 concerning handling certificates only I am lost to find a solution to let my Applet run under 7u25.

      It seems my certificate is expired (or in the chain), only it is not, all certificates are in order, also during verify there seems to be no problem.

      Do I encounter a bug in 7u25? Or do I miss something?

       

       

      I jar my project with following statement:

      jar cvfm projx.signed.J7.25.H1.jar MANIFEST.MF -C ..\projx\ .

       

      Manifest:

      Permissions: all-permissions

      Trusted-Only: true

      Main-Class: my.projx.applet.MyApplet

      Codebase: *

       

      And add a index:

      jar i projx.signed.J7.25.H1.jar

       

      Repack the jar:

      pack200 --repack projx.signed.J7.25.H1.jar

       

      Add a timestamp:

      jarsigner -storetype windows-my -tsa http://tsa.starfieldtech.com/ projx.signed.J7.25.H1.jar MYKEY

       

      Sign the jar:

      jarsigner  -verbose -storetype windows-my -certs projx.signed.J7.25.H1.jar MYKEY

       

      Pack the jar:

      pack200 projx.signed.J7.25.H1.jar.pack.gz projx.signed.J7.25.H1.jar

       

      jnlp Deployment:

      <?xml version="1.0" encoding="UTF-8"?>

       

      <jnlp spec="1.0+" codebase="" href="">

       

           <information>

       

                <title>My test project to learn signing</title>

       

                <vendor>zulu</vendor>

       

           </information>

       

           <resources>

       

                <!-- Application Resources -->

       

                <j2se version="1.7+" href="http://java.sun.com/products/autodl/j2se"/>

       

                <jar href="projx.signed.J7.25.H1.jar" main="true" />

       

           </resources>

       

           <security>

       

                <all-permissions/>

       

           </security>

       

           <applet-desc

       

                name="My Test Applet"

       

                main-class="my.projx.applet.MyApplet"

       

                width="1024"

       

                height="700">

       

           </applet-desc>

       

           <update check="background"/>

       

      </jnlp>

       

      tx in advance zulu!