Java Reference
In-Depth Information
For testing purposes, the keystore and jarsigner tools in the JDK can be used to create
a key and use it to digitally sign a JAR file.
The first step is to use keytool to create a key and assign it an alias and password:
keytool -genkey -alias examplekey -keypass swordfish
The -genkey argument generates a new key—which in this example is named exam-
plekey and has the password “swordfish”. If this is the first time keytool has been used,
you'll be prompted for a password that protects access to the key database, which is
called a keystore .
After a key has been placed in the keystore, it can be used with the jarsigner tool to
sign an archive file. This tool requires the keystore and key passwords and the alias of
the key. Here's how the PageData.jar archive could be signed with the examplekey key:
jarsigner -storepass secret -keypass swordfish PageData.jar examplekey
The keystore password in this example is “secret”. The security certificate used to sign
the archive will last 90 days and will be described as an “untrusted source” when the
Java Web Start application is run.
There's no easy way to avoid being described as “untrusted.” The
only way to establish your trustworthiness is to go through one of
the professional certificate-granting companies.
Java developer Roedy Green offers a guide to Java security certifi-
cation that lists several companies and the prices that they
charge. Visit the web page http://mindprod.com/jgloss/
certificate.html.
NOTE
Supporting Web Start on a Server
If your server does not support Java Web Start, which is more likely than not because it
is a relatively new technology, you might see the text of your JNLP file loaded in a page,
and the application will not open.
A web server must be configured to recognize that JNLP files are a new type of data that
should cause a Java application to run. This is usually accomplished by setting the
MIME type associated with files of the extension JNLP.
14
MIME, which is an acronym for Multipurpose Internet Mail Extensions, is a protocol for
defining Internet content such as email messages, attached files, and any file that can be
delivered by a web server.
Search WWH ::




Custom Search