Message-Id: <v03007800b0b7da1097ce@[202.12.88.146]>
Date: Sat, 13 Dec 1997 17:22:22 +1100
To: java-security@web2.javasoft.com
From: John Orendt <jorendt@ozemail.com.au>
Subject: creates a Duke identity, keys, certificate, then creates an
Hi
Thanks for your Netscape and IE URLs regarding applet security.
Now, I'm trying to follow the example on
http://java.sun.com/security/signExample/doit on a PC
which follows:
#! /bin/csh
# Step 1. Create the Duke identity, as a trusted identity
javakey -cs Duke true
# Step 2. Generate a keypair for Duke, and store the public key in a file
named
# Duke_pub and the private key in a file named Duke_priv
javakey -gk Duke DSA 512 Duke_pub Duke_priv
# Step 3. Generate an x509 certificate for Duke, and store it in the file
# named Duke.x509. This output file name is given in the directive file
# named cert_directive_Duke.
javakey -gc cert_directive_Duke
# Step 4. Create the archive.
***** John notes that one must also: javac writeFile.java to get
writeFile.class
jar cf signedWriteFile.jar writeFile.class writeFile.html
# Step 5. Sign the archive, using the parameters given in
sign_directive_Duke.
javakey -gs sign_directive_Duke signedWriteFile.jar
# Step 6. Move the signed archive to a file suffixed in .jar.
mv signedWriteFile.jar.sig signedWriteFile.jar
# Step 7. Show the contents of the signed archive.
echo " "
echo "Contents of the archive are: "
jar tvf signedWriteFile.jar
# Step 8 . Show the contents of the identity database.
echo " "
echo "Contents of the identity database are: "
javakey -ld
------------------------------------------------------------------
now here is my dos version of the same
javakey -cs Duke true
javakey -gk Duke DSA 512 Duke_pub Duke_priv
javakey -gc cert_directive_Duke
javac writeFile.java
jar cf signedWriteFile.jar writeFile.class writeFile.html
javakey -gs sign_directive_Duke signedWriteFile.jar
del signedWriteFile.jar
rename signedWriteFile.jar.sig signedWriteFile.jar
jar tvf signedWriteFile.jar
rem This process all seemed to work fine.
rem until
appletviewer signedWriteFile.html
rem which for me generated a security exception
-------------------------------------------------------
do I need a signature from a cerifiying authority?
Best
John
John Orendt jorendt@ozemail.com.au Sydney NSW Australia
Check out my home page: http://www.ozemail.com.au/~jorendt/
Home 61-2-9981-5890 Mobile 61-411-348700 PGP aware
John Orendt jorendt@ozemail.com.au Sydney NSW Australia
Check out my home page: http://www.ozemail.com.au/~jorendt
Home 61-2-9981-5890 Mobile 61-411-348700 PGP Aware