You are here: irt.org | FAQ | Java | Q4079 [ previous next ]
To digitally sign an applet or object means that you are computing a value. It is generally advisable to combine the class and other files which are to be downloaded into a .jar file using the jar utility. Now there is another tool provided in jdk1.2 called the jarsigner, this tool is used to sign the .jar file. But before that you need to create a public/private key pair . This can be achieved using the keytool provided by jdk1.2. The keytool creates the keystore with the public and private key pair. A key store is the database that keeps the keys and digital certificates.
Please check the keytool utility options.
Once you have created the keystore with public and private keys, you can now use jarsigner tool to sign the .jar file with the generated private key.
Again, please check out the arguments to the jarsigner utility. "jarsigner -help"
This process does two things: a) a signature file (.sf) is added to the jar manifest file, b) a signature block file is also added. This is the total process of signing the applet.