dans.blog


The miscellaneous ramblings and thoughts of Dan G. Switzer, II

Using a PKCS12 key for signing JAR files

We recently bought a Self-Signing Cert from Comodo through Tucows' Authors site. Through Tucows I was able to get a 3 year cert for $195—which is cheaper than a 1 year cert from either Thawte or Verisign.

I was expecting them to send me a cert via e-mail, but instead they install the certificate into the browser in which you purchased the certificate. From this point on Comodo doesn't offer any instructions on how to use the cert, so I had to do some research.

First, I'd recommend buying your cert using Firefox. If the cert gets installed into Internet Explorer, you need to jump through a bunch of hoops to generate the p12 file from the pvk format. Once you have your cert stored as a PKCS12 file, the steps for signing your Java Applet are pretty straightforward.

The instructions below show you how to sign an applet provided your personal cert has been installed into Firefox. If you already have your p12 file, then you can skip to step 11 (the directions use the filename of self-sign.p12 for the exported key).

  1. Open Firefox v2.x
  2. Go to Tools > Options...
  3. Click on the Advanced button
  4. Go to the Encryption tab
  5. Click on the View Certificates button
  6. On the Your Certificates tab you should see your personal cert
  7. Click your personal cert
  8. Click the Backup button
  9. Save the file to your desktop as: self-sign.p12 (the p12 extension will be added for you automatically)
  10. Enter a password for the certificate when prompted by Firefox (you'll need this value later)
  11. Now that the cert has been exported, we need to get the "alias" so we know what to use when signing the applet.
  12. From a command prompt run:
    keytool -list -storetype pkcs12 -keystore /path/to/your/self-sign.p12

    (The keytool is a command line tool located in your JDK's /bin folder.)
  13. Enter the password you assigned in step 10
  14. You should now see some output that looks like:

    Keystore type: PKCS12
    Keystore provider: SunJSSE

    Your keystore contains 1 entry

    [Alias], Jan 1, 2008, keyEntry,
    Certificate fingerprint (MD5): hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh:hh

    The [Alias] is a string that might look like a UUID (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx) or it could just be a string of various text. The alias is the part of the line up to the first comma before the date.

  15. To sign a jar, we use:
    jarsigner -storetype pkcs12 -keystore /path/to/your/self-sign.p12 yourJar.jar [Alias]

    Or if you prefer Ant, you can use something like:
    <target name="signjar" depends="jar">
      <input
        message="Please enter keystore password:"
        addproperty="keypass" />
      <signjar jar="${lib}/yourJar.jar" storetype="pkcs12"
        keystore="/path/to/your/self-sign.p12" alias="[Alias]"
        storepass="${keypass}"/>
    </target>

I highly recommend creating an Ant build.xml script for compiling and signing your JAR. The biggest benefit is once you get it set up, there's nothing manual you need to do.
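
Steps 12 through 15 as one script, added here as an example and not part of the original post: it parses the alias from the `keytool -list` output format shown in step 14, signs the jar, and verifies the signature. The function names and the sample listing are constructed for illustration, and the date pattern assumes English-locale output.

```shell
#!/bin/sh
# Reads short-form `keytool -list` output on stdin, prints one alias per line.
# Entry lines look like "<alias>, Jan 1, 2008, keyEntry," (newer JDKs print
# PrivateKeyEntry). Anchoring on the date and entry type at the right-hand
# end keeps an alias intact even when the alias itself contains commas.
# Assumption: English-locale dates, as in the output shown in step 14.
extract_aliases() {
    sed -n 's/^\(.*\), [A-Z][a-z][a-z] [0-9]\{1,2\}, [0-9]\{4\}, [A-Za-z]*[Ee]ntry,.*$/\1/p'
}

# sign_with_p12 <keystore.p12> <jar>
# The password is not passed as an argument: keytool and jarsigner each
# prompt for it, which keeps it out of the process list and shell history.
sign_with_p12() {
    p12=$1 jar=$2
    aliases=$(keytool -list -storetype pkcs12 -keystore "$p12" | extract_aliases)
    count=$(printf '%s\n' "$aliases" | grep -c . || true)
    if [ "$count" -ne 1 ]; then
        echo "expected exactly 1 key entry in $p12, found $count" >&2
        return 1
    fi
    jarsigner -storetype pkcs12 -keystore "$p12" "$jar" "$aliases" || return 1
    # Confirm the signature verifies before the jar is published.
    jarsigner -verify "$jar"
}

# Constructed sample listing (not from a real keystore) to exercise the parser.
SAMPLE_LISTING='Keystore type: PKCS12
Keystore provider: SunJSSE

Your keystore contains 1 entry

Example Org, Inc. code signing id, Jan 1, 2008, keyEntry,
Certificate fingerprint (MD5): 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF'

# Only touch a real keystore when both arguments are supplied.
if [ "$#" -eq 2 ]; then
    sign_with_p12 "$1" "$2"
fi
```

Refusing to sign when the keystore holds anything other than one key entry avoids signing with an unintended key from a shared p12 file.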


Update on Nikki's Surgery - Week 2

Well finally got the infection under control—at least for the most part. Her left hind leg, which was the one that was really swollen, got back to normal size by Thursday of last week. Her right hind leg is still a little irritated, but they were able to take her staples out yesterday. The funny thing is the leg that looked so bad last week, looks really good.

The incision has healed up nicely and you barely notice it. The right leg is still a little red and swollen. Since she still has a bit of an infection and the leg is tender, they want us to keep the eCollar on when we can't keep an eye on her—just to prevent excessive licking. We're able to keep the eCollar off as long as we can keep an eye out to make sure she doesn't keep licking at the wound.

She's still handling being in her kennel well. She hasn't really complained, other than the occasional crying around 6am when she needs her potty break.

The one thing that has Jenn and I a little concerned is that when we got back to the house yesterday (after getting the staples out) she slipped a bit in the driveway. The Vet told us we didn't have to use her sling anymore, but our intention was to keep using it since it's been so icy outside. Unfortunately, right after I lifted her out of the SUV, but before I could get the sling on her, she slipped a bit in the driveway. She was walking a bit tenderly yesterday, so we're monitoring it closely to make sure she didn't injure it. I think it's just that the infection is still a little tender after getting the staples removed, but we'll know more today I think.

She's also definitely getting her strength back. She's really started to drag us around the backyard. Part of the reason I want to keep using the sling is it helps me control her a little bit. If she's putting too much stress on her back legs, I can lift her rear up a bit and that gets her to stop.

Hopefully by the end of week 3, the infection will be completely gone.


Firebug Tip: console.log([label, value]);

[UPDATED: Thursday, February 28, 2008 at 8:02:17 AM]

I thought maybe this was a tip worth blogging. I like to use labels in my debug information as it helps me to quickly identify the debug statement that generated the output. Appending a label string to a simple value is easy enough in JavaScript, as it'll automatically be converted to a string. However, this doesn't work for complex values. You can place the label on a separate line, but I like to try to keep things to one line whenever possible. The way I do this is to use an array to output my label first and then the value:

console.log(["my label", complexObject]);

This gives you the benefit of generating a label and a value all on one line. I find the syntax very easy to read in the Firebug console and it keeps everything on one line—just the way I want it. The output will look like:

["my label", {...}]

Hopefully someone else will find this tip useful.

UPDATE:
For those of you who want Firebug to output a hyperlink to the line that invoked the message, you might want to use console.debug() instead.