Generate a Testing Certificate for Signing an Applet

All JAR files of an applet deployed on a remote Web server must be signed with the same certificate before the applet is deployed. The following steps describe how to generate a test certificate for signing the JAR files. We will use the tool called Keytool, which is included in the Oracle Java Development Kit.

  1. Create a keystore with an RSA encryption key.

    Invoke the following in a command-line terminal:

    keytool -genkey -alias myAlias -keystore keystore.pkcs -storetype PKCS12 -keyalg RSA -keysize 2048 -dname "cn=your name here, ou=organization unit name, o=organization name, c=US"

    This command creates a keystore file called keystore.pkcs. The certificate attributes are specified in the dname parameter: common name of the certificate, organization unit name (for example, Purchasing or Sales Department), organization name, country.

  2. Generate a self-signed certificate.

    Invoke the following in a command-line terminal:

    keytool -selfcert -alias myAlias -keystore keystore.pkcs -storetype PKCS12

  3. Optionally display the certificate details in a human readable form.

    First, the certificate must be exported to a separate file with the following command:

    keytool -export -alias myAlias -keystore keystore.pkcs -storetype PKCS12 -file certfile.cer

    The certificate details are displayed with the command:

    keytool -printcert -file certfile.cer

  4. Edit the default.properties file and fill-in the parameters that hold the path to keystore.pkcs file (keystore parameter), keystore type (storetype parameter, with JSK or PKCS12 as possible values), alias (alias parameter) and password (password parameter).
  5. The JAR files are automatically signed during the package phase of the Maven build.