Generate a Testing Certificate for Signing an Applet
All jar files of an applet deployed on a remote Web server must be signed with the same certificate before the applet is deployed. The following steps describe how to generate a test certificate for signing the jar files. We will use the tool called keytool, which is included in the Oracle Java Development Kit.
- Create a keystore with an RSA encryption key.
Invoke the following in a command-line terminal:
keytool -genkey -alias myAlias -keystore keystore.pkcs -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "cn=your name here, ou=organization unit name, o=organization name, c=US"
This command creates a keystore file called
keystore.pkcs. The certificate attributes are specified in thednameparameter: common name of the certificate, organization unit name (for example, Purchasing or Sales Department), organization name, country. - Generate a self-signed certificate.
Invoke the following in a command-line terminal:
keytool -selfcert -alias myAlias -keystore keystore.pkcs -storetype PKCS12
- Optionally display the certificate details in a human readable form.
First, the certificate must be exported to a separate file with the following command:
keytool -export -alias myAlias -keystore keystore.pkcs -storetype PKCS12 -file certfile.cer
The certificate details are displayed with the command:
keytool -printcert -file certfile.cer
- Edit the
default.propertiesfile and fill-in the parameters that hold the path tokeystore.pkcsfile (keystoreparameter), keystore type (storetypeparameter, withJSKorPKCS12as possible values), alias (aliasparameter) and password (passwordparameter). - The jar files are automatically signed during the package phase of the Maven build.