signing jar files

deepakg@in.ibm.com
Wed, 31 Mar 1999 13:05:41 +0530

From: deepakg@in.ibm.com
To: java-security@java.sun.com
Date: Wed, 31 Mar 1999 13:05:41 +0530
Subject: signing jar files

Hi,

I was recently working on java version 1.2 concerning security aspects
and the signing of jar files. I created a key using the keytool -genkey
option. The key that was generated was stored in the .keystore in the home
path as specified in the documentation. But when I use the policytool to
grant permission to jar files signed by the alias specified in the key, the
policytool gives me a warning which says that the public key for that
particular alias in not found.

This causes security violations when I try to run the applet using
the archive option in the <applet> tag.

Also, when I store the key generated in a keystore specified as
"mystore" and try to run the applet having granted the permission to allow
applets signed by the key present in"mystore", a security restriction
appears. The java.policy file is present in /jre/lib/security.

Any solutions?

Bye.

DEEPAK.K.G