COMPGROUPS.NET | Search | Post Question | Groups | Stream | About | Register

Check leaf key usage failed in certificate

  • Follow


I have an applet, embedded in a web page, that worked fine (and still
works fine) on machines running Java 1.4.2 and below, but throws an
exception on machines running version 1.5.0_0x. Specifically, I get the
following exception and stack trace:

java.security.cert.CertificateException: Check leaf key usage failed in
certificate
     at com.sun.deploy.CertUtils.checkUsageForCodeSigning(Unknown
source)
     ...



I'm totally new to signed applets, so I have no clue what "check leaf
key usage" is or why it failed in the certificate. I also can't figure
out why it didn't fail in 1.4.2 and failed in 1.5.0. Does anybody have
some ideas how I can get my applet back up and running?

Thanks.

--Jay
0
Reply jayharris 5/16/2005 8:02:20 PM 

I had the same problem but with a signed application and WebStart
(worked fine in 1.4.x, but was rejected by 1.5 with the same exception
you're seeing).

The problem was due to the fact that I was signing the application with
a certificate that wasn't suitable for code-signing. It was an SSL
certificate (SSL certificates don't have code-signing extensions).

You need to make sure you're signing your applet with a certificate that
is suitable for code signing. Note that jarsigner in 1.4 and 1.5 will
happily sign your code with an unsuitable certificate without indicating
that there might be a problem. (They will both even verify that the jar
has been signed.)

Damian



jayharris@gmail.com wrote:
> I have an applet, embedded in a web page, that worked fine (and still
> works fine) on machines running Java 1.4.2 and below, but throws an
> exception on machines running version 1.5.0_0x. Specifically, I get the
> following exception and stack trace:
> 
> java.security.cert.CertificateException: Check leaf key usage failed in
> certificate
>      at com.sun.deploy.CertUtils.checkUsageForCodeSigning(Unknown
> source)
>      ...
> 
> 
> 
> I'm totally new to signed applets, so I have no clue what "check leaf
> key usage" is or why it failed in the certificate. I also can't figure
> out why it didn't fail in 1.4.2 and failed in 1.5.0. Does anybody have
> some ideas how I can get my applet back up and running?
> 
> Thanks.
> 
> --Jay
>
0
Reply Damian 5/17/2005 5:53:48 AM

comp.lang.java.security 1258 articles. 2 followers.

1 Replies
299 Views

(page loaded in 0.048 seconds)

Similiar Articles:

Check leaf key usage failed in certificate - comp.lang.java ...
I have an applet, embedded in a web page, that worked fine (and still works fine) on machines running Java 1.4.2 and below, but throws an exception on...

Jarsigner with cert openssl - comp.lang.java.security
Jarsigner with cert openssl - comp.lang.java.security Jarsigner with cert openssl - comp.lang.java.security Check leaf key usage failed in certificate - comp.lang ...

Generate digital keys/certificates programmatically - comp.lang ...
Check leaf key usage failed in certificate - comp.lang.java ... Programmatically specify client cert as part of web ... java 1.4 digital signature - comp.lang.java ...

Verifying signed JARs in Java is crap! - comp.lang.java.security ...
Check leaf key usage failed in certificate - comp.lang.java ... (They will both even verify that the jar has been signed.) Damian jayharris@gmail.com wrote: > I ... get ...

Programmatically specify client cert as part of web service call ...
Check leaf key usage failed in certificate - comp.lang.java ... Programmatically specify client cert as part of web service call ..... AES key with raw key bytes - comp ...

Cert chain versus an individual cert - comp.lang.java.security ...
Check leaf key usage failed in certificate ... ... Cert chain versus an individual cert - comp.lang.java.security ..... JSSE user guide on Sun's ...

java.security.UnrecoverableKeyException: Get Key failed: / by zero ...
Check leaf key usage failed in certificate - comp.lang.java ... java.security ... Server / Security Comparison? - comp.lang.java ... Check leaf key usage failed in ...

Java / Application Server / Security Comparison? - comp.lang.java ...
... AES key with raw key bytes - comp.lang.java.security Java / Application Server / Security Comparison? - comp.lang.java ... Check leaf key usage failed in certificate ...

Web security and error page - comp.databases.filemaker
Check leaf key usage failed in certificate - comp.lang.java ... I have an applet, embedded in a web page, that worked fine (and still works fine) on ...

AES key with raw key bytes - comp.lang.java.security
Check leaf key usage failed in certificate - comp.lang.java ... AES key with raw key bytes - comp.lang.java.security AES key with raw key bytes - comp.lang.java.security ...

Check leaf key usage failed in certificate - comp.lang.java ...
I have an applet, embedded in a web page, that worked fine (and still works fine) on machines running Java 1.4.2 and below, but throws an exception on...

Validating the Certificate Chain
... first certificate is called the leaf certificate ... child elements that specify the usage of the certificate. ... The hash value is used to check the certificate ...

7/14/2012 2:42:22 PM


Reply:
Privacy Policy | All Times Are GMT(UTC) | powered by