Get rid of the “UNKNOWN” publisher from applet security warning

Question

I\'m trying to sign an applet so that the publisher does not appear as \"UNKNOWN\" :

Answer 1

If you have your own CA and sign applets with certificates issued by that CA, then you obviously need to add that CA's certificate to the list of trusted certificate authorities.

When running inside IE, the Java plugin seems to be able to use the system list of CA, so you just need to add your CA certificate to the system certificate storage (be sure to manually choose the certificate destination as a trusted CA during the import).

When running inside Chrome or Firefox, the Java plugin for some reason does not use system certificate storage, but only its own separate certificate storage. You will get the "insecure" security warning with "UNKNOWN" publisher when running applet in these browsers if the CA's certificate is not present in the Java plugin certificate storage, regardless of whether it is in the "trusted CA" system certificate storage.

To add a certificate to Java plugin storage:

• open Java control panel
• select "Security" tab
• click "manage Certificates..." button
• select "Signer CA" option in the "Certificate type" combo-box.
• import your CA's certificate

The next time you use Chrome or Firefox to run your applet, you will have a normal "secure" security warning with the option to trust that applet forever.