Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Question for deployment: Does JRE Install include keytool, etc?

 
Ranch Hand
Posts: 585
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I want to offer clients who install my app an easy way to import my certificate into their keystore and then update their security policy. Does anyone know, if they just have the JRE (no JDK) will that include:
1. keytool
2. default .keystore
3. jarsigner
 
Ranch Hand
Posts: 388
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i dont have a clue....but how about you try and tell us :-)
k
 
"The Hood"
Posts: 8521
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I believe that this is part of the JCE API.
 
Robert Paris
Ranch Hand
Posts: 585
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks. I'm assuming JCE is not part of JRE?
 
Robert Paris
Ranch Hand
Posts: 585
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
OK, I finally got the answer:
http://java.sun.com/products/jdk/1.2/jre/README.html
Says keytool is optional on all OS's. So that leads me to a question:
1. If the only way I can grant rights to code that is signed is by importing it into a keystore and then in the ".policy" file listing that keystore and the alias name of the certificate with a grant - then how does the JRE do it without keytool? How could I guarantee that I can walk the user through this? There has to be a way. How do applets do this?
 
Cindy Glass
"The Hood"
Posts: 8521
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Robert,
This sounds an awful lot like security to ME.
What kind of an architecture are you using (apparently not Applets). If you just deploy an application on a PC (for instance off a CD or whatever) then there is no security required at all.
 
Robert Paris
Ranch Hand
Posts: 585
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
My app can be used two ways:
1. in regular Java Apps
2. In a web App
In both cases, whether or not there is security depends on whether the app (web or other app) that is using my code has turned security on. So I need to be able to execute whether or not security is on. I agree that now this has become a security issue, but that's only because keytool is optional. The main question was: does it have keytool. Since I know it doesn't, I should start a new thread in security which i will do now, asking a diff. question: how do i programmatically create a keystore and import my certificate into it?
 
Stinging nettles are edible. But I really want to see you try to eat this tiny ad:
We need your help - Coderanch server fundraiser
https://coderanch.com/t/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic