下面是java.sun.com的论坛上的一段:These steps describe the creation of a self-signed applet. This is useful for testing purposes. For use of public reachable applets, there will be needed a "real" certificate issued by an authority like VeriSign or Thawte. (See step 10 - no user will import and trust a self-signed applet from an unkown developer). The applet needs to run in the plugin, as only the plugin is platform- and browser-independent. And without this indepence, it makes no sense to use java... 1. Create your code for the applet as usual.
It is not necessary to set any permissions or use security managers in
the code. 2. Install JDK 1.3
Path for use of the following commands: [jdk 1.3 path]\bin\
(commands are keytool, jar, jarsigner)
Password for the keystore is *any* password. Only Sun knows why...
perhaps ;-) 3. Generate key: keytool -genkey -keyalg rsa -alias tstkey
Enter keystore password: *******
What is your first and last name?
[Unknown]: Your Name
What is the name of your organizational unit?
[Unknown]: YourUnit
What is the name of your organization?
[Unknown]: YourOrg
What is the name of your City or Locality?
[Unknown]: YourCity
What is the name of your State or Province?
[Unknown]: YS
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
correct?
[no]: yes (wait...) Enter key password for tstkey
(RETURN if same as keystore password): (press [enter]) 4. Export key: keytool -export -alias tstkey -file tstcert.crt Enter keystore password: *******
Certificate stored in file tstcert.crt 5. Create JAR: jar cvf tst.jar tst.class
Add all classes used in your project by typing the classnames in the
same line. added manifest
adding: tst.class(in = 849) (out= 536)(deflated 36%) 6. Verify JAR: jar tvf tst.jar Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/
68 Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/MANIFEST.MF
849 Thu Jul 27 12:49:04 GMT+02:00 2000 tst.class 7. Sign JAR: jarsigner tst.jar tstkey
Enter Passphrase for keystore: ******* 8. Verifiy Signing: jarsigner -verify -verbose -certs tst.jar 130 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/MANIFEST.MF
183 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/TSTKEY.SF
920 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/TSTKEY.RSA
Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/
smk 849 Thu Jul 27 12:49:04 GMT+02:00 2000 tst.class X.509, CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
(tstkey) s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope jar verified. 9. Create HTML-File for use of the Applet by the Sun Plugin 1.3
(recommended to use HTML Converter Version 1.3) 10. Place a link to the .crt file (created in step 4) in the HTML-File.
This .crt file has to be opened by the browser and has to be set to
trusted,
as the root CA for testing is not known to the browser. For use with
"real" certificates, this step should not be necessary.
It is not necessary to set any permissions or use security managers in
the code. 2. Install JDK 1.3
Path for use of the following commands: [jdk 1.3 path]\bin\
(commands are keytool, jar, jarsigner)
Password for the keystore is *any* password. Only Sun knows why...
perhaps ;-) 3. Generate key: keytool -genkey -keyalg rsa -alias tstkey
Enter keystore password: *******
What is your first and last name?
[Unknown]: Your Name
What is the name of your organizational unit?
[Unknown]: YourUnit
What is the name of your organization?
[Unknown]: YourOrg
What is the name of your City or Locality?
[Unknown]: YourCity
What is the name of your State or Province?
[Unknown]: YS
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
correct?
[no]: yes (wait...) Enter key password for tstkey
(RETURN if same as keystore password): (press [enter]) 4. Export key: keytool -export -alias tstkey -file tstcert.crt Enter keystore password: *******
Certificate stored in file tstcert.crt 5. Create JAR: jar cvf tst.jar tst.class
Add all classes used in your project by typing the classnames in the
same line. added manifest
adding: tst.class(in = 849) (out= 536)(deflated 36%) 6. Verify JAR: jar tvf tst.jar Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/
68 Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/MANIFEST.MF
849 Thu Jul 27 12:49:04 GMT+02:00 2000 tst.class 7. Sign JAR: jarsigner tst.jar tstkey
Enter Passphrase for keystore: ******* 8. Verifiy Signing: jarsigner -verify -verbose -certs tst.jar 130 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/MANIFEST.MF
183 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/TSTKEY.SF
920 Thu Jul 27 13:04:12 GMT+02:00 2000 META-INF/TSTKEY.RSA
Thu Jul 27 12:58:28 GMT+02:00 2000 META-INF/
smk 849 Thu Jul 27 12:49:04 GMT+02:00 2000 tst.class X.509, CN=Your Name, OU=YourUnit, O=YourOrg, L=YourCity, ST=YS, C=US
(tstkey) s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope jar verified. 9. Create HTML-File for use of the Applet by the Sun Plugin 1.3
(recommended to use HTML Converter Version 1.3) 10. Place a link to the .crt file (created in step 4) in the HTML-File.
This .crt file has to be opened by the browser and has to be set to
trusted,
as the root CA for testing is not known to the browser. For use with
"real" certificates, this step should not be necessary.
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货