Skip to main content

Jar signing your java 3d applet with a certificate steps

No replies
Joined: 2009-02-26

Hi. I went through trials and tribulations signing my java 3D applet so that I dont get an unknown publisher warning when people use my applet. It was quite an ordeal and thought I'd share my experience. Hopefully its not too off topic.

1. Went to the cheapest place to buy the certificate which was $US99. Verisign was about $400 for the same thing.

2. Then after buying the certificate they verify you and found you must send them:

Business name - validate certificate -if you want the certificate in your company name

Phone with bill and phone number on it with business name and address on it. If your email address is they will check whois and make sure's phone number matches the number you give them. I actually had to buy a new phone to get past this point as I had a prepaid mobile phone which they don't accept.

3. Once you send them these docs they will call you on the number you provide. Then once they've validated you they email a link with your certificate on it

4. I will give you the steps I used with Firefox for exporting the certificate from Firefox. When you click on the link it gets imported into firefox. You then backup the certificate in firefox by going to
view certificates
your certificates tab
click on your certificate
then click 'backup'

It will generate p12 (eg skinhat.p12) file to where you specify.

5. Once you've got the p12 file you can then sign your jar file with the command:

jarsigner -storetype pkcs12 -keystore skinhat.p12 mudclient3d.jar "skinhat's the usertrust network id"

The last string in quotes is the keystore name. You can get your keystore name by doing:

keytool -list -storetype pkcs12 -keystore skinhat.p12

Keystore type: pkcs12
Keystore provider: SunJSSE

Your keystore contains 1 entry

skinhat's the usertrust network id, 15/06/2010, keyEntry,
Certificate fingerprint (MD5): 35:25:1E:98:66:C4:9D:5F:38:62:AD:D4:82:7F:1E:B8

Hopefully people will find this useful