Code Comments

Programming Forum and web based access to our favorite programming groups.
For Programmers: Free Programming Magazines | New: Database administration forum
Registration is free! Edit your profileCalendarFind other membersFrequently Asked QuestionsSearch -> 
Code Comments > Java Forum > Java Security >

Check leaf key usage failed in certificate


Post New Thread











Thread
Author
Check leaf key usage failed in certificate
I have an applet, embedded in a web page, that worked fine (and still
works fine) on machines running Java 1.4.2 and below, but throws an
exception on machines running version 1.5.0_0x. Specifically, I get the
following exception and stack trace:

java.security.cert.CertificateException: Check leaf key usage failed in
certificate
at com.sun.deploy.CertUtils.checkUsageForCodeSigning(Unknown
source)
..



I'm totally new to signed applets, so I have no clue what "check leaf
key usage" is or why it failed in the certificate. I also can't figure
out why it didn't fail in 1.4.2 and failed in 1.5.0. Does anybody have
some ideas how I can get my applet back up and running?

Thanks.

--Jay

Report this thread to moderator Post Follow-up to this message
Old Post
jayharris@gmail.com
05-17-05 08:59 AM

Re: Check leaf key usage failed in certificate
I had the same problem but with a signed application and WebStart
(worked fine in 1.4.x, but was rejected by 1.5 with the same exception
you're seeing).

The problem was due to the fact that I was signing the application with
a certificate that wasn't suitable for code-signing. It was an SSL
certificate (SSL certificates don't have code-signing extensions).

You need to make sure you're signing your applet with a certificate that
is suitable for code signing. Note that jarsigner in 1.4 and 1.5 will
happily sign your code with an unsuitable certificate without indicating
that there might be a problem. (They will both even verify that the jar
has been signed.)

Damian



jayharris@gmail.com wrote:
> I have an applet, embedded in a web page, that worked fine (and still
> works fine) on machines running Java 1.4.2 and below, but throws an
> exception on machines running version 1.5.0_0x. Specifically, I get the
> following exception and stack trace:
>
> java.security.cert.CertificateException: Check leaf key usage failed in
> certificate
>      at com.sun.deploy.CertUtils.checkUsageForCodeSigning(Unknown
> source)
>      ...
>
>
>
> I'm totally new to signed applets, so I have no clue what "check leaf
> key usage" is or why it failed in the certificate. I also can't figure
> out why it didn't fail in 1.4.2 and failed in 1.5.0. Does anybody have
> some ideas how I can get my applet back up and running?
>
> Thanks.
>
> --Jay
>

Report this thread to moderator Post Follow-up to this message
Old Post
Damian Morris
05-17-05 08:59 AM

Sponsored Links



Last Thread Next Thread Next
Search this forum -> 
Post New Thread

Java Security archive

Show a Printable Version Send to friend Email This Page to Someone! subscribe to this thread Receive updates to this thread
Computer Consultants
Programming Jobs
Visual Basic Controls
SQL Server Programming
Webservices
Java Security
Visual Studio
C# Programming
Visual J++
Software engineering
Open source Software
Perl Programming
PHP Programming
ASP Programming
ASP .NET Programming
Visual Basic Programming
Windows Scripting Host
Java Programming
Java Help
Java Beans
VBScript
Cobol
MAC Applications
Unix Programming
Forum Jump:
All times are GMT. The time now is 03:45 AM.

 
Free MCSE Braindumps | Real Estate Topics
Programming forum archive

Copyrights CodeComments.com 2004 - 2006

Powered by vBulletin Copyright 2000-2006 Jelsoft Enterprises Limited.