Copyright © 2004, 2005 TJ
The GNU General Public License version 2 or later applies to my ExportPrvKey.class. See http://www.gnu.org/licenses/gpl.html
Here's how to get and use a code-signing Thawte digital certificate to sign your Java JAR and Microsoft CAB, EXE, DLL, VBscript, etc. code, to create trusted applets for downloading over the Internet, and to convert the Java JKS key-store to P12/Microsoft PFX (Personal Information Exchange) format to share the same certificate with Java JAR files and Microsoft CAB files.
This allows software authors to increase the range of activities the Java Security Manager will permit.
| << Overview | Download and Install Tools | Personal Freemail account at Thawte >> |
|---|
On your PC create a project folder (on mine its C:\Projects\CodeSigning) and a key-tools folder (on mine its C:\KeyTools).
Download my package of tools (153KB) to your KeyTools folder (this makes it easier than installing the complete Java Software Development Kit and OpenSSL packages).
The packages contains:
web: java.sun.com/j2se/1.4.2/
download: java.sun.com/j2se/1.4.2/download.html
web: www.openssl.org
download: www.openssl.org/related/binaries.html
web: www.dallaway.com/acad/webstart/
download: www.dallaway.com/acad/webstart/thawtecleaner.jar
web: msdn.microsoft.com/workshop/security/authcode/intro_authenticode.asp
download: download.microsoft.com/download/b/e/f/bef2551b-401d-4311-ab8f-13d3892b8154/codesigningx86.exe
If you already have the Java SDK and OpenSSL packages on your system, and don't want to use those components from my package, please ensure you have their ../bin directories set in your PATH environmental variable, or else the tools won't be found when you try to run them from the CodeSigning directory.
On my system the directories look like this, but on yours they'll likely be different:
C:\Program Files\Java\SDK\1.4.2_06\bin
C:\Program Files\OpenSSL\bin
and my PATH environmental variable ends with ;C:\Program Files\Java\SDK\1.4.2_06\bin;C:\Program Files\OpenSSL\bin;
Extract all the files from the KeyTools.zip file using WinZip or some other archive tool, and put them in the KeyTools folder.
You might also want to obtain the Microsoft Cabinet Software Development Kit, which contains the cabarc.exe tool amongst others.
web: msdn.microsoft.com/library/default.asp?url=/library/en-us/dnanchor/html/contcompdel.asp
download: download.microsoft.com/download/platformsdk/cab/2.0/w98nt42kmexp/en-us/Cabsdk.exe
Add the KeyTools folder to the PATH environmental variable. Its probably best to add it to the System PATH not the User PATH, so that all users of your PC can access the tools.
Go to Start Menu, right-click My Computer, choose Properties.
Choose the Advanced tab, then press the Environment Variables button.
Edit the System variable PATH.
Add the KeyTools directory to the path.
You're now ready to obtain and convert a digital certificate.
| << Overview | Download and Install Tools | Personal Freemail account at Thawte >> |
|---|
If you have any comments or simply find this guide a useful time-saver I'd welcome hearing from you. You can email me at codesigning@tjworld.net .
© Copyright 2004, 2005 TJ. You are welcome to link directly to this article and make a non-public personal copy (not redistributed or republished). The article must remain in XHTML form (mustn't be converted to proprietary formats such as PDF or DOC). If you would like to include it in a commercial service (e.g. a subscription or advertiser-supported web site) please ask.