How can I set the publisher name in my signed jar file, using a self-signed certificate?

Steven Colgrove picture Steven Colgrove · May 22, 2011 · Viewed 8.1k times · Source

I've compiled my applet, created a jar file, generated a keystore db with keytool, signed the jar with jarsigner, and exported the public key cert with keytool.

Now when I run my applet in the browser it does work, after prompting me if I'm sure I want it to run.

The problem is it says "Publisher: UNKNOWN" in the box. Is there anyway I can set that to my alias, since I coded the applet?

Answer

Andrew Thompson picture Andrew Thompson · May 22, 2011

A 'self signed' certificate is not worth the bits it is written on. If you can make a certificate that claims it is you, I can just as easily forge one.

That is why the JRE lists the publisher as 'unknown'. It does not matter who they claim to be, it is ignored unless the certificate has been verified by a trusted authority.