Name: rm29839 Date: 05/04/98


I have a Verisign Software signing certificate for both Netscape browsers and Microsoft
Authenticode. I would like to either export one of these certificates that can be used with the JDK1.2beta3 keytool. The tool's
documention references importing a certificate generated by a CA but it doesn't seem to work with the Netscape's or MS
Authenticode's certificate. Below is all there is in the JDK documentation about this. It talks about creating your own
public/private key certificate and sending for a signed certificate by Verisign. How much does this cost? Verisign doesn't do
anything for "free". In addition, it doesn't talk about this procedure anywhere on Verisign's web site. Where do you submit it?
Has anyone tried this or is this vaporware documentation?


Cliff



JDK doc: <http://www.javasoft.com/products/jdk/1.2/docs/tooldocs/win32/keytool.html>.
This page contains the following:

---------------------------------------------

Requesting a Signed Certificate from a Certification Authority
So far all we've got is a self-signed certificate. A certificate is more likely to be trusted by others if it is signed by a Certification Authority (CA). To get such a signature, you first generate a Certificate Signing Request (CSR), via the following:

    keytool -csr -file MarkJ.csr
This creates a CSR (for the entity identified by the default alias "mykey") and puts the request in the file named "MarkJ.csr". Submit this file to a CA, such as VeriSign, Inc. The CA will authenticate you, the requestor (usually off-line), and then will return a certificate, signed by them, authenticating your public key. (In some cases, they will actually return a chain of certificates, each one authenticating the public key of the signer of the previous certificate in the chain.)

-----------------------------------------------
(Review ID: 28214)
======================================================================