[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [platform-update-dev] signed jars???
|
Patrick,
This is part of the productization
If you want to do the
ALL-NINE-YARD-AND-SPEND-MONEY
-> get a certificate from Verisign or
Thawte or any trusted certificate that is inside cacerts of any Java
JRE
If you want to do-it-yourself in your product
Generate a self sign
certificate, put the public key in a keystore, ship the keystore so it is on the
security.path of the policy.file
In both cases, you will need to sign
your jar (jarsign) but the will be verified and the authenticator will be
identified
Christophe Elek
Eclipse
Project: <http://eclipse.org>
IBM canada
Tuesday,
May 14, 2002 11:22 AM
To: platform-update-dev@xxxxxxxxxxx
cc:
Subject:
Re: [platform-update-dev] signed jars???
Great, I got the file reference to the non-plugin
file. Is there some infrastructure
in place to do the jar signage? I understand the jar signage stuff very,
very vaguely, but my understanding is that you need to sign with a well known
key. Is there some pre-existing key I can use (I think Netscape was using
one for applets, for instance)? Or does my product need to handle this
somehow as part of productization?
Patrick Mueller
patrick_mueller@xxxxxxx