Re: Self-signed security certificates.. (oh, the evil)

From: "Dag Sunde" <me@xxxxxxxxxxxx>
Date: Wed, 14 Sep 2005 19:18:32 GMT

"Darren" <Daz@xxxxxxxxxxxxxxx> wrote in message
news:bIZVe.6391$st1.4056@xxxxxxxxxxxxxxxxxxxxxxx
>
> "Dag Sunde" <me@xxxxxxxxxxxx> wrote in message
> news:LwaVe.5479$qE.1203426@xxxxxxxxxxxxxxxxxx
>> "Darren" <Daz@xxxxxxxxxxxxxxx> wrote in message
>> news:j3WUe.4364$st1.3086@xxxxxxxxxxxxxxxxxxxxxxx
>> >
>> <snipped>
>> > Well that is one method i see for solving my problem now bear in mind
> that
>> > i
>> > know very little of java security and policies other than what you good
>> > people have told me and what i have found on google but if either i can
>> > get
>> > a web client to temorarily use my own policy file where it can get
>> > permission to open a socket to my web site and read from it or find
>> > another
>> > way to do like a self signed sertificate it then that would be cool.
>>
>> Darren...
>>
>> Let's clear up this once and for all?
>>
>> Your scenario is that:
>> * You have two web-servers
>> * Server A does NOT have server-side scripting available (B Does)
>> * On a web-page served from server A, you would like to inform
>> the user if server B is up and running.
>> * You tried to solve this by writing an Applet on the page from
>> server A. This Applet tried to open something on Server B.
>> If this was successful you would know that Server B was running.
>> * Your applet was stopped by a security-exception because it tried
>> to do a cross-domain request.
>> * I think it was I that lead you down the path to the .policy file.
>> That was wrong of me, and I just did it to verify that you
>> development machine didn't have any special setup.
>> * From this piont on, *forget* about .policy files.
>> * Create a jar file with a manifest from your original applet
>> * Use the following procedure to create a self-signed certificate
>> and sign your applet:
>> http://www.jensign.com/JavaScience/www/selfsigned/
>> * redeploy the applet, and things should be working.
>> * No need for any special security or permissino code.
>>
>> (Or have I completely missed the point here?)
> nope. Nail on head. :)
> Al goes well until i try implemeting itthen i get a class not found
> load: class Helloserver.class not found.
> java.lang.ClassNotFoundException: Helloserver.class
> at sun.applet.AppletClassLoader.findClass(Unknown Source)
<snipped/>
>
> "C:\applets\Helloserver.jar\Helloserver\class.class "
>
> Something wrong there. the class is called helloserver.class not
> class.class
> and it's located in c:\applets\ not in c:\applets\helloserver.
>

C:\... ???

Can you post the html you use to load the applet? Ie. the webpage containing
the applet.

> I tried to open the jar file with winzip and i got "failed to load
> main-class manifest attribute from c:\archive\Helloserver.jar"
> Am I right in thinking the manifestis something to do with the security of
> the signature of the jar?
>
Yes, the Jar file must have a manifest to be signed, but the 'jar' command
will add a default one if you don't specify one manually:

jar cfv test.jar MyClass.class

> Also am I right in thinking that once i've created the signiture, I can
> sign
> as many applets as I want with the same signiture?
>

Yes, that is correct.

--
Dag.

.

Follow-Ups:
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Darren

References:
- Self-signed security certificates.. (oh, the evil)
  - From: Andrew Thompson
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Darren
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Andrew Thompson
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Darren
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Andrew Thompson
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Roedy Green
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Andrew Thompson
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Roedy Green
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Darren
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Dag Sunde
- Re: Self-signed security certificates.. (oh, the evil)
  - From: Darren

Prev by Date: Re: Parsing file paths with regular expressions
Next by Date: looking for pattern
Previous by thread: Re: Self-signed security certificates.. (oh, the evil)
Next by thread: Re: Self-signed security certificates.. (oh, the evil)
Index(es):
- Date
- Thread

Relevant Pages

Re: IIS Slow with little load problem
... Tracing on the SQL Server ... Can't you load up a local test HTML page to get the ... Applet running -- in which case, you are dealing with a local filesystem ... > IIS will likely cache access to those class files such that subsequent ...
(microsoft.public.inetserver.iis)
Re: IIS Slow with little load problem
... The best example is bringing up the applet. ... I'm not sure how many classes are needed for the initial load, ... In both cases there are probably a dozen sql server calls ... > is for hundreds of class files with hundreds of individual seeks to the ...
(microsoft.public.inetserver.iis)
Re: Self-signed security certificates.. (oh, the evil)
... >>> the user if server B is up and running. ... >>> server A. This Applet tried to open something on Server B. ... >> load: class Helloserver.class not found. ... >> I tried to open the jar file with winzip and i got "failed to load ...
(comp.lang.java.programmer)
Image - Problem
... images in the middle of the applet, ... I then created a seperate class to load the applet using the "public static ... My problem is that i then created an executable jar file containing the ... images an class files. ...
(comp.lang.java.help)
Re: Image - Problem
... > images in the middle of the applet, ... > I then created a seperate class to load the applet using the "public static ... > My problem is that i then created an executable jar file containing the ... > images an class files. ...
(comp.lang.java.help)