ActiveX and Java code signing
View PDF
by: Admin
Total views: 447
If you are in the unfortunate situation of having to use an ActiveX control to do something on the user's machine, you're in for a treat. Code signing is a painful process, especially if you don't have a valid certificate.
This tutorial shows you how to apply an invalid certificate on an ".cab" file. It is a nice tutorial, showing step by step how you can create a key and apply it to your code. However, I can tell you now that this will not work. The browser will still block your control, without giving you a choice, because the publisher of the ActiveX control is "unknown". Your only choice is to purchase a valid certificate from verisign, or any other vendor.
My advice to you is to let go of ActiveX altogether and use an Java Applet instead. It is much easier to work with, and it has it's own code signing tools. You can use invalid certificates, but in this case, the browser has the common sense to prompt you about running the script instead of blocking it. Here is an easy way to sign you java ".jar" file :
keytool -genkey -dname "cn=, ou=, o=, c=" -alias your_jar -keypass some_password -keystore your_jar.key -storepass some_password -validity 180
jarsigner -keystore your_jar.key -storepass your_password -keypass your_password your_jar.jar your_jar
Keytool.exe and jarsigner.exe can be found in your jdk installation folder.
About the Author
Rating: Not yet rated