Signing a JNLP File
By Sharon Zakhour on Oct 03, 2013
There are several advantages to signing a JNLP file. It will:
- Ensure that others cannot change the content in your JNLP file. For example, by adding a random library, or changing application information.
- Allow the use of arbitrary Java Virtual Machine (JVM) options and Java system properties in your application.
- Prevent others from referencing your JAR file directly in their HTML browser applets.
To create a signed JNLP file you don't sign the JNLP file itself, but you include the JNLP file inside the directory structure before the JAR file is created and then signed. The JNLP file must be named APPLICATION.JNLP and is included in the JNLP-INF subdirectory. The JAR file is then created and signed in the usual manner. When a web start application is started, the JNLP file used must be identical to the JNLP file in the signed JAR in order for the application to run.
Note that you cannot use the APPLET tag to run an applet if JAR file contains a signed JNLP file.
The Signing and Verifying JAR Files lesson in the Java Tutorial explains how to sign a JAR file.