Note: This Java deployment guide describes features released prior to the Java SE 6 update 10 release. See Java Rich Internet Applications Development and Deployment for the latest information.
When running an applet in a browser using the Sun Java Runtime Environment (JRE) implementation, the applet is unable to use certificates from the browser for https client authentication.
The Java plug-in uses certificates for client authentication from a certificate store specific to the Sun Java Runtime Environment (JRE). The plug-in does not use the certificates from the browser certificate store.
Client authentication in Java plug-in requires the client certificate store on the user disk, keystore type, and the password to access the client. The following three parameters should be provided with system properties:
-Djavax.net.ssl.keyStore=<client_keystore_file_path>
-Djavax.net.ssl.keyStorePassword=<password to access the client keystore file>
-Djavax.net.ssl.keyStoreType=<keystore_type>
These properties should be specified in the Advanced tab of the Java Control Panel.
To export a digital certificate from the browser certificate store into a file, perform the following steps:
.pfx
extension. Click Next.If the user exports the certificate to a file called c:\certs\client.pfx
, the required system properties will take the following values:
-Djavax.net.ssl.keyStore=c:\certs\client.pfx
-Djavax.net.ssl.keyStorePassword=<password to access the client keystore file c:\certs\client.pfx>
-Djavax.net.ssl.keyStoreType=pkcs12
None.