All jar files of an applet deployed on a remote Web server must be signed with the same
certificate before the applet is deployed. The following steps describe how to generate a
test certificate for signing the jar files. We will use the tool called
keytool, which is included in the Oracle Java Development Kit.
-
Create a keystore with an RSA encryption key.
Invoke the following in a command-line
terminal:
keytool -genkey -alias myAlias -keystore keystore.pkcs -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "cn=your name here, ou=organization unit name, o=organization name, c=US"
This command creates a keystore file called
keystore.pkcs. The certificate attributes are specified in the
dname parameter: common name of the certificate, organization unit
name (for example, Purchasing or Sales Department), organization name,
country.
-
Generate a self-signed certificate.
Invoke the following in a command-line
terminal:
keytool -selfcert -alias myAlias -keystore keystore.pkcs -storetype PKCS12
-
Optionally display the certificate details in a human readable form.
First, the certificate must be exported to a separate file with the following
command:
keytool -export -alias myAlias -keystore keystore.pkcs -storetype PKCS12 -file certfile.cer
The certificate details are displayed with the
command:
keytool -printcert -file certfile.cer
-
Edit the default.properties file and fill-in the parameters that
hold the path to keystore.pkcs file (
keystore
parameter), keystore type (storetype parameter, with
JSK or PKCS12 as possible values), alias
(alias parameter) and password (password
parameter).
-
The jar files are automatically signed during the package phase of the
Maven build.