All JAR files of an applet deployed on a
remote Web server must be signed with the same certificate before the applet is deployed.
The following steps describe how to generate a test certificate for signing the
JAR files. We will use the tool called Keytool, which is included in
the Oracle Java Development Kit.
-
Create a keystore with an RSA
encryption key.
Invoke the following in a command-line terminal:
keytool -genkey -alias myAlias -keystore keystore.pkcs -storetype PKCS12
-keyalg RSA -keysize 2048 -dname "cn=your name here, ou=organization unit name,
o=organization name, c=US"
This command creates a keystore file called
keystore.pkcs. The certificate attributes are specified in the
dname parameter: common name of the certificate, organization unit
name (for example, Purchasing or Sales Department), organization name,
country.
-
Generate a self-signed certificate.
Invoke the following in a command-line terminal:
keytool -selfcert -alias myAlias -keystore keystore.pkcs -storetype
PKCS12
-
Optionally display the certificate details in a human readable form.
First, the certificate must be exported to a separate file with the following
command:
keytool -export -alias myAlias -keystore keystore.pkcs -storetype PKCS12 -file
certfile.cer
The certificate details are displayed with the command:
keytool -printcert -file certfile.cer
-
Edit the default.properties file and fill-in the parameters that
hold the path to keystore.pkcs file (
keystore
parameter), keystore type (storetype parameter, with
JSK or PKCS12 as possible values), alias
(alias parameter) and password (password
parameter).
-
The JAR files are automatically signed during the package
phase of the Maven build.