Thursday, July 1, 2010

Signing an Applet

Signing an Applet is extremely useful if your applet needs permissions to make socket connections, do file I/O, etc. That said, it is tricky. Here are some instructions for Windows.

1) Locate your Java JDK directory and it's bin/ subdirectory.
2) Use keytool at the command prompt to generate a pair of keys (public and private). More information on the exact commands to use can be found here: SSL Shopper keytool tutorial.
3) Generate a jar file containing all the code for your applet. In Eclipse this can be done by right clicking on the project folder, clicking export, then selecting Java->JAR File. If you reference other external JAR libraries in your applet project, then things get a bit more complicated. The standard eclipse jar tool will NOT unpackage those external JARs and repackage them into your new JAR. Instead you need to install and use the Fat Jar plugin. To use the Fat Jar plugin right click on your project folder and click "Build Fat Jar" with the green plus sign next to it.
4) Use jarsigner to sign the Jar (applet). The command I use to do this is

"C:\Program Files\Java\jdk1.6.0_17\bin\jarsigner.exe" -keystore C:\Users\Peter\.keystore
-storepass password1 -keypass password2 -signedjar signedapplet.jar step3.jar applet

Your keystore may be in a different location. Obviously, replace password1 and password2 with the passwords you chose while using keytool in step 2.

No comments :

Post a Comment