Applet - keystore - certificate

Similar Messages

• Applet digital certificate is diplaying before applet loads

  Hi All,
  I have a drop-down in a jsp page. I want to display a signed applet when I select a particular option from that drop-down list.
  In http mode the digital certificate is displaying only when I select that particular option from dropdown list. (working fine)
  Problem:
  But in https mode the digital certificate is diplaying whenever that jsp loads.(i.e. certificate is diplaying before selecting an value from dropdown list)
  Suggestions please.
  Thanks,
  Krishna

  I am having a similar issue.  Clients using a system running an old version of Crystal Reports are encountering a warning that the digital signature has expired.  It appears to only affect clients using Java 1.5.0 and newer.
  Is there a way to update the digital signature?

• Deploy infobus applet--"Invalidating certificate principals"

  Hi, lots of questions about deploying infobus applet had been
  posted previously, but none of them is my case.
  After finishing generating "package1.jar", I copy every *.jar,
  *.zip file into my deploy directory "c:\temp" as well as the
  package1.applet1.html. But while I open this html file in
  Netscape 4.7, no applet appear. In the java console, the
  following error message appear..
  Invalidating certificate principals in [file:/C|/temp/try/,]
  Can the applet be invoked without webserver?
  I had tried to transfer the whole directory to the website(sun
  webserver), the same error message appear( only change is the
  path now is [155.69.60.117:88])
  Can anyone tell me why?
  thx
  null

  This is hardly an Advanced Language Topic, nor is it Java-related. And who uses Netscape? I'm just playing with you. No but seriously, nobody is gonna answer that here. This is a JAVA forum.

• KeyStore/ Certificates stored by the JRE Runtime

  Hi!
  I use this code
  KeyStore ks = KeyStore.getInstance("pkcs12");
  ks.load(new FileInputStream("test.p12", "password".toCharArray());
  to load a certificate for signing a PDF with the help of iText. The code works fine.
  The same certificate was imported via Java Control Panel (Tab Certificates) into the JRE/System.
  Can I access the certificates stored in the JRE/System for signing, instead of loading the certificate directly?
  The Java API for Keystore says:
  Before a keystore can be accessed, it must be LOADED.
  and LOADED ist linked to the method ks.load()
  There is not hint for accessing the JRE certificates.
  Peter

  if you have a support or CSI then you can log a bug against them for oracle to support you..
  Or you can wait for some product manager here to respond to this and they will take it forward from there to resolve the issue by creating internal SR or bug for you.

• Applets and certificates in jdk1.4

  Hello all...
  I have an applet which imports the java.awt.Robot class. I can not use the methods from a html page due to security restrictions...
  I've searched high and wide for documentation on how to overcome this (as i am only going to be running this applet from my own machine)...i know it involved signing and certificates - i've tried several methods but none seem to work.....does anyone have an idea of exactly how i would go about getting this working??
  Thanks in advance........
  Johnno

  Johno
  If you're only going to run this 'applet' on your own machine why not write a program instead ?

• Signed Applet and certificat expiration

  Hi,
  My applet was signed with a Thawte certificat because it must access printers and TCP/IP layer.
  It's running in a JRE 1.3.1.
  The certifcate will soon expire.
  What will happen ?
  Will my applet still keep on running ?
  Will I be able to renew my certificate once expired or must i do it before ?
  Thanks in advance.

  I have a similar problem in that our company purchased a Verisign certificate last year that was renewed. However, you get a new certificate each year. The problem with this is that we have distributed tens of thousands of applets with one certificate that must now be replaced with a new certificate.
  According to Verisign, this is a fault of Sun for not implementing timestamping within the JRE.
  Is there a plan for timestamping signed certificates?

• Signed Applet and certificate Expiration

  Hi,
  I have got an applet that was signed with a Thawte certificate because it must access printers and TCP/IP layer.
  It's running in a JRE 1.3.1.
  The certifcate will soon expire.
  What will happen ?
  Will my signed applet still keep on running ?
  Will I be able to renew my certificate once expired or must i do it before ?
  Thanks in advance.

  it'll run... fine... except that the user will be warned that the certificate has expired and they'll have to decide to let the applet run or not... so the user can have it not run.
  you can renew your certificate any time you want, and re-sign your jars with the new certificate.

• Applet won't get client certificate from browser

  Hi,
  We have an applet that runs fine as long as we don't have the web server require a client certificate. This applet runs inside a protected Intranet with a standard client JRE version 1.4.2 The rules of the intranet state that client certificates are required. So we registered our certificates with the JRE plug in in the browser and NaDa...
  I have read all sorts of things out there on the web that says the end user must register a personal Keystore and then we must code the applet to look into the end user's keystore for the certificate and the user must type in their personal password for the keystore into some sort of a form for the applet to read the keystore certificate.
  This sounds illogical and I strongly suspect that I am mis-interpreting what is being said...
  Can anyone help me understand what I am missing? (or perhaps point to a tutorial that has some better info in it...) I have looked at the Sun Java tutorial for applets didn't see any specific info regarding this type of problem- solution.
  Thanks for any pointers or suggestions you might have.
  JpGuy

  Hi,
  We have an applet that runs fine as long as we don't have the web server require a client certificate. This applet runs inside a protected Intranet with a standard client JRE version 1.4.2 The rules of the intranet state that client certificates are required. So we registered our certificates with the JRE plug in in the browser and NaDa...
  I have read all sorts of things out there on the web that says the end user must register a personal Keystore and then we must code the applet to look into the end user's keystore for the certificate and the user must type in their personal password for the keystore into some sort of a form for the applet to read the keystore certificate.
  This sounds illogical and I strongly suspect that I am mis-interpreting what is being said...
  Can anyone help me understand what I am missing? (or perhaps point to a tutorial that has some better info in it...) I have looked at the Sun Java tutorial for applets didn't see any specific info regarding this type of problem- solution.
  Thanks for any pointers or suggestions you might have.
  JpGuy

• Invalid keystore format

  I have a Java applet (called PALS) that was developed with version 1.5 update 7. It has been signed with a digital certificate from Thawte. Recently a customer had her Windows XP machine re-imaged, and that image comes with the Java 6 JRE. Others have had this done and were still able to run my applet, but she gets an error message that complains about an "invalid keystore format."
  I tried going into the Java Console and removing the user's PALS certificate, but it also complains about the keystore format. I then tried just removing Java 6 and installing Java 5, hoping that that would would clear things up, but she gets the same error.
  Am I correct that when a user runs my applet the certificate is read from the JAR file and placed in a keystore on their machine? If the keystore has the wrong format, can I just delete it, and where is that file? I thought it was supposed to have the name .keystore but I can't find that anywhere.

  That was where I was expecting to find it, but it's not there. On a machine that hasn't been corrupted like my customer's, I can open up the Java Control Panel, go to the Security tab, click on certificates, and see the certificate that was used to sign the JAR file, but I don't have a .keystore file.
  If it hasn't saved it in a file, where did it put it?
  Thanks for your reply.

• How to sign in Applet?

  Hello,
  How to sign in the Applet? I have try many way to do this but still not successfull.
  I need a webpage that really have the step by step instructions. thanks a lot. ( sorry for saying that, because I really tired to follow those instruction that not complete or confusing )
  What is the certificate? where can I get this? Is it keystore = certificate?
  Do I need to connect to the Internet when I signing up my Applet?
  Why sign in Applet?
  Thanks.

  see if helps,
  http://forum.java.sun.com/thread.jsp?forum=54&thread=103843

• Need help reading files from a simple applet

  hi everyone,
  i have the following problem while trying to read from a file:
  java.security.AccessControlException: access denied (java.io.FilePermission dr.xml read)
  this problem shows up only when loading applet from a browser... if i use appletviewer everithing is ok.
  this is the code:
          cycle = new String[2];
          phase = new String[8];
          v = new Vector();
          int temp;
          try {
              try {
                  fis = new FileInputStream("dr.xml");
                  while ((temp = fis.read()) > 0) {
                      buf += (char) temp;
                  fis.close();
                  fis = null;
              } catch (java.io.FileNotFoundException ex) {
                  System.out.println("File does not exist. ");
          } catch (java.io.IOException ex) {
              System.out.println("error. ");
              ex.printStackTrace();
          }thanks

  You don't have access to the file system. Think about it, you visit a web page and an applet starts reading your files? That's a HUGE security risk.
  That said, I think you can do this if you have a signed/trusted applet. Google "signed applets" and "certificates"

• Seeburger AS2 Certificates updates

  Dear Experts,
  We're having a problem to add in new certificates from our partner. For your info we're using Seeburger AS2 connect and no one knows how to update the certificates including our vendors. Please let me know how to update the certificates. Thank you

  Hi,
  if you are on PI 7.1x go to Netweaver Administrator (http://server:port/nwa)
  Then go to Configuration Management -->  Security --> Certificates and Keys
  There you shold find several Key Stores ("Key Storage Views")
  Select the Keystore which holds the AS2 certificates.
  If you are not sure which one is the correct one, check your Sender/Receiver Agreements in the Integration Directory.
  The certificates that you specified as TRUSTED\<keystore>\certificate-name in your AS2 configuration are the ones you have to change.
  In the "Key Storage View Details" you can add, modify, delete,... the certificates.
  regards,
  Daniel

• Applet Permission Network Problem

  Hi,
  I have done alot of reading up on applets, to be honest Im more confused when I started!
  Basically, here is the scenario:
  I have a single java applet, which is a gui that takes some input and then fires it off (via UDP sock connection) to another machine on the same network, this works fine when using appletviewer and granting certain permissions.
  But when I try and run it as an applet in a normal browser window it does not work, obviously because I am not "granting" permissions like in the appletviewer.
  To be honest I dont want to have to start signing applets and certificates etc, this is not going to be a distributed app, so its for inhouse use it doesnt need to access the users local filesystem, so is there any way of doing this successfully, without all of the above and converting it to an application.
  Thanks in advance,
  Foobarr

  Jsalonen: I dont think it is as easy as that, I have
  tried various steps like mentioned, how do I embed the
  applet so it knows to look for the cert etc??
  In the simplest case you don't even need to provide a certificate, just make a signed .jar file with the jarsigner tool and write a normal <applet> tag:
  <applet code="MyMainAppletClass" archive="signed.jar" width="xxx" height="yyy">
  </applet>

• Retrieved public key not match with real public key on certificate

  //@@public key from certificate
  *30 81 89 02 81 81*
  +00 92 28 98 7b 71 5e 3b 58 93 7a 58 cd 9e b8 17 c6 8e 74 51 c7 32 be 73 c6 54 d6 e5 3b c8 3c 89 c5 6c cd 59 b2 40 58 f2 83 f4 8d c8 b0 5f 57 26 d9 27 88 ff 76 1b 2d 5e 78 8c aa 66 2e 68 1e ed 01 5a 09 c9 5f fb 11 9d 33 4d 57 f1 02 f8 61 4b 71 08 c9 da db 5c a7 c8 fa a6 ed f6 d5 1b 78 72 20 33 0b 80 6c 07 e0 14 7c 49 b5 e3 aa 39 79 28 9e 76 3f 9c 23 7b ea 5c b3 fd 79 cb d5 71 3d d4 f9 02 03 01 00 01+
  //@@retrieved public key from certificate partially not match
  *30 3F 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 3F 3F 00 30 3F 89 02 3F 3F*
  +00 92 28 98 7B 71 5E 3B 58 93 7A 58 CD 9E B8 17 C6 8E 74 51 C7 32 BE 73 C6 54 D6 E5 3B C8 3C 89 C5 6C CD 59 B2 40 58 F2 83 F4 3F C8 B0 5F 57 26 D9 27 88 FF 76 1B 2D 5E 78 8C AA 66 2E 68 1E ED 01 5A 09 C9 5F FB 11 3F 33 4D 57 F1 02 F8 61 4B 71 08 C9 DA DB 5C A7 C8 FA A6 ED F6 D5 1B 78 72 20 33 0B 80 6C 07 E0 14 7C 49 B5 E3 AA 39 79 28 9E 76 3F 9C 23 7B EA 5C B3 FD 79 CB D5 71 3D D4 F9 02 03 01 00 01+
       * Convert into hex values
       private static String hex(String binStr) {
            String newStr = new String();
            try {
                 String hexStr = "0123456789ABCDEF";
                 byte [] p = binStr.getBytes();
                 for(int k=0; k < p.length; k++ ){
                      int j = ( p[k] >> 4 )&0xF;
                      newStr = newStr + hexStr.charAt( j );
                      j = p[k]&0xF;
                      newStr = newStr + hexStr.charAt( j ) + " ";
            } catch (Exception e) {
                 System.out.println("Failed to convert into hex values: " + e);
            return newStr;
       * Get public key from keystore.
       * The public key is in the certificate.
       private static Key getPublicKey(String keyname, String keystore)
       throws IOException, KeyStoreException, NoSuchAlgorithmException,
       CertificateException {
            KeyStore ks = KeyStore.getInstance("JKS");
            ks.load(new FileInputStream(keystore), KEYSTORE_PASS.toCharArray());
            X509Certificate cert = (X509Certificate) ks.getCertificate(keyname);
            if (cert != null) {
                 return cert.getPublicKey();
            return null;
  // Read the public key from keystore certificate
                 RSAPublicKey keystorepub = (RSAPublicKey) keystorecert.getPublicKey();
                 tempPub = keystorepub.getEncoded();
                 sPub = new String( tempPub );
                 System.out.println("Public key from keystore:\n" + hex(sPub) + "\n");Italic part is match part however bold part is not match, i think should be calculation on convert hex incorrect.

  the public key on certificate can view direct in hex format although inside the certificate is in byte[] format,hence during extract public key from certificate via java code,need to convert from byte[] to hex string and then compare it.
  this is the picture of certificate that display public key in hex format
  [http://i225.photobucket.com/albums/dd135/ocibala109/cert.jpg]
  Edited by: ocibala on Oct 7, 2008 8:51 PM

• Certificate dialog not displayed

  I have signed an applet (self certificate) and the
  certificate dialog is shown when running IE.
  Everything Ok, thus until I asked a friend to check
  the applet. He did not get the dialog asking to grant/deny
  etc the applet.
  In fact, when I just changed to another computer I got
  the same strange error. No dialog, no running applet - just
  a gray box.
  Thus, my signed applet will only run correctly when running from
  the PC where it was developed, and where the certificate etc
  was created.
  What is missing?

  I have signed an applet (self certificate) and the
  certificate dialog is shown when running IE.
  Everything Ok, thus until I asked a friend to check
  the applet. He did not get the dialog asking to
  grant/deny
  etc the applet.
  In fact, when I just changed to another computer I
  got
  the same strange error. No dialog, no running applet -
  just
  a gray box.
  Thus, my signed applet will only run correctly when
  running from
  the PC where it was developed, and where the
  certificate etc
  was created.
  What is missing?
  many times when you have a greay box its only because no jvm are installed, or just not set to work with the brownser (or disable)