First create a key-pair using keytool
.
keytool -genkey -alias somekeyname
Then use jarsigner
to sign it with the key you just created.
jarsigner /path/to/jar somekeyname
Note, you need to use the same alias (somekeyname
here) as the one you create the key with.
Now, since the certificate is self-signed, the user of your applet will be prompted to approve the certificate. Once they do so, your tcp connections should work.
Since I assume you're only using the applet internally in your organization, self-signed certs should be fine. Otherwise you will have to pay for a certificate. In that case, your users will not need to accept the certificates after the first time (if they choose Always Allow").
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…