J (banana) wrote in java_dev,

Heads up for people who write webstart or applets


You used to be able to sign your code with a self-signed certificate. It's close to not signing it at all, but the user could then agree to trust you for ever more. I have a few webstart apps publicly available, and more at work. Soon they will stop working. My choices will be:
  • pay hundreds of dollars for a proper certificate (extremely unlikely)
  • persuade the users to install "Deployment Rule Sets" to allow my stuff to run (almost as unlikely)
  • get the users to run the code locally without webstart (completely insecure, and I'll probably need to make an installer)
I don't see who wins here.
  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded