[signed applet] certification authority

[oliv]

Hi,
I have a signed applet (signed myself with jarsigner.exe).
It works fine but the users get a warning message before accepting the
applet to execute.
Next step, is to have my certificate trusted by Verisign or other
third party.
Do you know any link to a site that would explain the procedure to
follow in details ?
Which certification authority would you recommend ? the cheapest ?

thanks

 

[Andrew Thompson via JavaKB.com]

I have a signed applet (signed myself with jarsigner.exe).
It works fine but the users get a warning message before accepting the
applet to execute.

So is that (fine).

Next step, is to have my certificate trusted by Verisign or other
third party.

Note that although the warning message might be slightly
different, the end user will still be warned, and asked to accept,
a fully verified security certificate, before the applet is trusted.

Do you know any link to a site that would explain the procedure to
follow in details ?
Which certification authority would you recommend ? the cheapest ?

Thawte offers a 'FreeMail' certificate. I have not gone
through the process, but it is supposedly completely
free.

--
Andrew Thompson
http://www.athompson.info/andrew/

Message posted via JavaKB.com
http://www.javakb.com/Uwe/Forums.aspx/java-general/200704/1

 

[oliv]

As to applet, Thawte does not seem free at all to me (200$ / year !!).
http://www.thawte.com/ssl-digital-certificates/code-signing/index.html

None of you have gone through the process of having an applet
authentificated by a third party certifiaction authority (to assure
the integrity and authorship of the code) ?
I am looking for feedback on that process..

thanks

 

[Andrew Thompson via JavaKB.com]

>As to applet, Thawte does not seem free at all to me (200$ / year !!).
http://www.thawte.com/ssl-digital-certificates/code-signing/index.html

A search on 'thawte freemail' should lead you to a different page
http://www.thawte.com/secure-email/personal-email-certificates/
One person who ..used to poast around these groups got
one of those for code signing, but I almost prefer the self-signed
certificate to one that says (AFAIR) 'Thawte Freemail..' and no
name of the actual code signer.

None of you have gone through the process of having an applet
authentificated by a third party certifiaction authority (to assure
the integrity and authorship of the code) ?

Authorites like Thawte never glance at code.
They verify *you*.

I am looking for feedback on that process..

Sorry. I have no experience in that process, I
have always used self-signed certificates.

What does the code do, that requires extra
privileges? (e.g. File access, network access..).

--
Andrew Thompson
http://www.athompson.info/andrew/

Message posted via JavaKB.com
http://www.javakb.com/Uwe/Forums.aspx/java-general/200704/1