Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is it possible to sign a java applet for free?

I made a weird applet which allows you to paint with your voice. Obviously it requires access to the microphone, but Java applets are not allowed access unless they are signed. As far as I can tell its difficult and involves cryptography, and, though its not clear, I think that I'm expected to pay MONEY to Verisign as well. This all seems like a lot of paranoid innovation stifling bullsh** to me and I figure I'm not the first person to think so.

Is there just some way to bypass this "for educational or testing purposes?" or maybe turn off the security in my browser? or sign the applet for free?

I'm on Ubuntu 9.04 with Firefox 3.0.15 and Java 1.6.0

like image 493
Nathan Avatar asked Dec 06 '09 20:12

Nathan


People also ask

What can I use instead of Java applet?

You can still relive the heyday of Java applets through UltraStudio, an online museum of educational applets, but Java has been mostly replaced by Flash and JavaScript for creating interactive programs on the web.

What is Java code signing?

A Java code signing certificate is useful for securing all types of Java software and executables. It gives assurance to users that the identity of the software publisher has been rigorously vetted by a publicly trusted certificate authority (CA).

What plug in provides an alternative Java Runtime Environment capability of running the forms applet?

Using JNLP via Next-Generation Java Plug-in (JDK 1.6u10) "Java Plug-in" is a web browser plug-in that provides a JRE for executing Java applets inside the web browser.


1 Answers

You may go one step further and setup your own CA with OpenSSL.

This will allow you to create your own root certificate and generate any number of signing or SSL sertificates. You may then distribute your root certificate to your friends and ask them to install it in their respective browsers. After that the certificate chain for certificates create by your CA will always be valid and not self-signed ( many browsers look down on self-signed certs ).

If you are going to work with OpenSSL CA you may need pkeytool to import private key into java keystore file.

like image 143
Alexander Pogrebnyak Avatar answered Oct 18 '22 11:10

Alexander Pogrebnyak