------=_NextPart_000_001F_01BE21D0.FE99D080
Content-Type: multipart/alternative;
boundary="----=_NextPart_001_0020_01BE21D0.FE9CDDC0"
------=_NextPart_001_0020_01BE21D0.FE9CDDC0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
In section 4 "Example certificate directive file" you took "duke" as the =
subject name but then continue with subject.real.name=3D Marianne =
Mueller. Is this correct???
I also have a problem using javakey to generate a certificate and run a =
signed applet in a browser, respectively.
I ever receive such messages in the Java Console:
# Error: Invalid Hash of this JAR entry (-7882)
# jar file: C:\TEMP\jzip11DR.TMP
# path: PrintCanvas.class
# Error: Strange PKCS7 or RSA failure (-7881)
# jar file: C:\TEMP\jzip11DR.TMP
# path: C:\TEMP\jzip11DR.TMP
# Error: loading of signatures has failed (-1)
# jar file: C:\TEMP\jzip11DR.TMP
# path: /pmd/test/
(This happens when signer =3D=3D identity =3D=3D 'ulrich'.)
However, when trying to use different issuer and subject I have the =
problem to not have a public key for the subject!
1. javakey -cs sdc true
2. javakey -gk sdc DSA 1024 sdc.key.public sdc.key.public
3. javakey -c ulrich true
4. javakey -gc ulrichCertDirective
--> this step fails!!! ... and I don't know why!
The message: ulrich[identitydb.obj][trusted] does not have a =
public key.
=3D=3D> How can I create a public key for an identity (not a =
signer!) since "javakey -gk ..." is to be used for generating a key pair =
for the SIGNER!
By the way javakey -ld results in:
ulrich[identitydb.obj][trusted]
no public key
no certificates
No further information available.
sdc[identitydb.obj]
public and private keys initialized
certificates:
certificate 1 for : CN=3DSDC ...
(--> This one I've created with issuer =3D=3D subject =3D=3D 'sdc' =
!!!)
No further information available.
How can I generate a certificate individually for any identity like =
'ulrich'???
Here's my certificate and signature directive which I've used to try to =
create a certificate for an identity authenticated by the signer 'sdc' =
and what fails:
a) certificate directive
#Name des Zertifikators
issuer.name=3Dsdc
issuer.cert=3D1
#Name und Informationen zur zertifizierenden Person
subject.name=3Dulrich
subject.real.name=3DDirk Ulrich
subject.org=3DSDC
subject.org.unit=3DDevelopment
subject.country=3DGermany
#Angaben =FCber die Dauer des Zertifikats
start.date=3D1 Dec 1998
end.date=3D1 Dec 1999
serial.number=3D1
#Name der Datei, in der das Zertifikat gespeichert wird
out.file=3DCert.cert
b) signature directive
#Name des Unterzeichners
signer=3Dsdc
#Nummer des Zertifikats, von javakey der Zertifizierung des =
Unterezeichners zugewiesen
cert=3D1
#Baumtiefe der einzubindenden Zertifikate (z.Zt. nicht unterst=FCtzt)
chain=3D0
#Name der Signature-Datei
signature.file=3DulrichS
#Name des zu erzeugenden Archives
out.file=3DSignedPrintApplet.jar
signature.file=3DwriteSig
I'd appreciate if you could show me the steps which I have to do:
- create a signer (sdc)
- create an identity (ulrich)
- generate a key pair for the signer (issuer =3D=3D sdc)
- generate a public key for the identity
- generate a certificate
- sign a jar file
Attached you'll find the tiny program which simply should print out a =
graphic on the clients local printer as well as the relating HTML page.
Thank you very much for your help.
Kind regards,
Dirk Ulrich Dipl.-Inf.(FH)
fon: +49-30-40 53 61-75
fax: +49-30-40 53 61-85
d.ulrich@sdc.de
------=_NextPart_001_0020_01BE21D0.FE9CDDC0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN">
------=_NextPart_000_001F_01BE21D0.FE99D080
Content-Type: application/octet-stream;
name="PrintApplet.java"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="PrintApplet.java"
aW1wb3J0IGphdmEuYXd0Lio7CmltcG9ydCBqYXZhLmFwcGxldC4qOwppbXBvcnQgamF2YS5hd3Qu
ZXZlbnQuKjsKCi8vaW1wb3J0IG5ldHNjYXBlLnNlY3VyaXR5Lio7CgpwdWJsaWMgY2xhc3MgUHJp
bnRBcHBsZXQgZXh0ZW5kcyBBcHBsZXQgaW1wbGVtZW50cyBBY3Rpb25MaXN0ZW5lcgp7CiAgICBQ
cmludENhbnZhcyBjYW52YXM7CgogICAgcHVibGljIHZvaWQgaW5pdCgpIHsKICAgICAgICAKICAg
ICAgICBjYW52YXMgPSBuZXcgUHJpbnRDYW52YXMoKTsKICAgICAgICBhZGQoIkNlbnRlciIsIGNh
bnZhcyk7CgogICAgICAgIEJ1dHRvbiBiID0gbmV3IEJ1dHRvbigiUHJpbnQiKTsKICAgICAgICBi
LnNldEFjdGlvbkNvbW1hbmQoInByaW50Iik7CiAgICAgICAgYi5hZGRBY3Rpb25MaXN0ZW5lcih0
aGlzKTsKICAgICAgICBhZGQoIlNvdXRoIiwgYik7CiAgICB9CgogICAgcHVibGljIHZvaWQgYWN0
aW9uUGVyZm9ybWVkKEFjdGlvbkV2ZW50IGUpIHsKICAgICAgICBTdHJpbmcgY21kID0gZS5nZXRB
Y3Rpb25Db21tYW5kKCk7CiAgICAgICAgaWYgKGNtZC5lcXVhbHMoInByaW50IikpIHsKLy8JUHJp
dmlsZWdlTWFuYWdlci5lbmFibGVQcml2aWxlZ2UoIlVuaXZlcnNhbFByaW50Sm9iQWNjZXNzIik7
CiAgICAKICAgICAgICAgICAgUHJpbnRKb2IgcGpvYiA9IGdldFRvb2xraXQoKS5nZXRQcmludEpv
YihudWxsLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIlByaW50aW5nIFRlc3QiLCBu
dWxsKTsKICAgICAgICAgICAgaWYgKHBqb2IgIT0gbnVsbCkgewogICAgICAgICAgICAgICAgR3Jh
cGhpY3MgcGcgPSBwam9iLmdldEdyYXBoaWNzKCk7CgogICAgICAgICAgICAgICAgaWYgKHBnICE9
IG51bGwpIHsKICAgICAgICAgICAgICAgICAgICBjYW52YXMucHJpbnRBbGwocGcpOwogICAgICAg
ICAgICAgICAgICAgIHBnLmRpc3Bvc2UoKTsgLy8gZmx1c2ggcGFnZQogICAgICAgICAgICAgICAg
fQogICAgICAgICAgICAgICAgcGpvYi5lbmQoKTsKCiAgICAgICAgICAgIH0KICAgICAgICB9CiAg
ICB9Cn0KCi8vLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KCgpjbGFzcyBQcmludENhbnZhcyBleHRlbmRz
IENhbnZhcyB7CgogICAgcHVibGljIERpbWVuc2lvbiBnZXRQcmVmZXJyZWRTaXplKCkgewogICAg
ICAgIHJldHVybiBuZXcgRGltZW5zaW9uKDEwMCwgMTAwKTsKICAgIH0KCiAgICBwdWJsaWMgdm9p
ZCBwYWludChHcmFwaGljcyBnKSB7CiAgICAgICAgUmVjdGFuZ2xlIHIgPSBnZXRCb3VuZHMoKTsK
CiAgICAgICAgZy5zZXRDb2xvcihDb2xvci55ZWxsb3cpOwogICAgICAgIGcuZmlsbFJlY3QoMCwg
MCwgci53aWR0aCwgci5oZWlnaHQpOwoKICAgICAgICBnLnNldENvbG9yKENvbG9yLmJsdWUpOwog
ICAgICAgIGcuZHJhd0xpbmUoMCwgMCwgci53aWR0aCwgci5oZWlnaHQpOwoKICAgICAgICBnLnNl
dENvbG9yKENvbG9yLnJlZCk7CiAgICAgICAgZy5kcmF3TGluZSgwLCByLmhlaWdodCwgci53aWR0
aCwgMCk7CiAgICB9Cn0KCg==
------=_NextPart_000_001F_01BE21D0.FE99D080--