CODEWITHSUNDEEP
javasecurityappletdigital-signaturejssc
paul-2011
paul-2011

Reputation: 704

How do I sign my Applet correctly to access the computer's COM Port?

I'm self signing my Applet that uses the library JSSC to read a COM Port device's data however that's not enough to allow the applet to access that resource and an exception is thrown when I try to list the COM ports available, I'm testing on my https url.

First I get "Running this application may be a security risk", then it asks me if I want to block the unsafe content (mixed security), I click NO but still the JSSC library won't work.

I don't know what else to try, any advise is much appreciated.

Upvotes: 0

Views: 398

Answers (2)

paul-2011
paul-2011

Reputation: 704

This is how I solved the problem:

  1. Downloaded Eclise.
  2. Installed this plugin: http://keytool.sourceforge.net.
  3. Used the plugin to generate my own certificate.
  4. Went back on Netbeans where my project was.
  5. Brought up my project properties.
  6. Under "Application" -> "Web Start" I checked "Enable We Start".
  7. On "Signing" i clicked "customize".
  8. Checked "Sign by a specified key"
  9. Clicked "Browse" and searched for the certificate generated on Eclipse.
  10. Entered the certificate password that I assigned on Eclipse and an Alias (any).
  11. Kept "Mixed Code" as "Enable Software Protections".
  12. Downgraded the machine to Java 6 (http://www.oldapps.com/java.php).
  13. Built the project on Netbeans and it signed my jar and the JSSC.jar automatically.
  14. Opened the Java settings and under "Advanced" I checked "Disable veritication".
  15. Deployed the project and launch the applet page, Java displayed a security warning, I checked the box to Always Trust the publisher and the applet now works 100% and without any additional prompts.

Upvotes: 0

Lonzak
Lonzak

Reputation: 9816

Do you mean this applet?

What is the java version you are using?

Do you use an jnlp file (like this one)?

In the latest java update 7u51 (1.7.0_51) by default you are not able to run self signed applets anymore. So what can you do?

  1. Use an official certificate OR
  2. Decrease the security level in your system properties\Java\Security to medium OR
  3. Add your page to the exception site list

Here is an overview of what changed in the latest java version. Important for you is especially the permissions Manifest attributes (because it is not set in the jssc.jar nor in the jSSC-Terminal.jar file)

Regarding the message with the mixed security could it be that you only signed your applet.jar and not the 3rd party libs (like jssc.jar)?

Upvotes: 1

Related Questions