收录日期:2019/06/20 01:37:14 时间:2010-06-22 20:28:04 标签:java,certificate,java-web-start,codesign

I am looking for a code signing certificate that will be accepted by Java Webstart. It is for the Arianne Project (a ten year old open source project hosted on Sourceforge).

Unfortunately being "just" a spare-time open source project means we cannot proof our identity by posting extracts from the register of companies. Another issue is that code signing certificates seem to be rather expensive.

So if anyone has suggestions where to look, i will be very thankful.

Certum offers free Java Codesining certificates to open source projects.

As for price, here's a link to a previous answer of mine in another thread. $75 per year or less (if you register more than one year).

I'm not sure how hung up on identity they get, but have a look.

https://www.startssl.com is another organisation that lots of people on SO point to. I've never used them but give them a look.

I've used both Thawte and Verisign code signing certificates, and used them for Web Start on both Windows and Mac. However, I think any code signing certificate would work and is convertable to one that the Java Sign tool will accept. The important part is making sure that the Java Runtime Engine includes that vendor's root certificate.

Note that they keep adding more and more root certificates to each JRE that is released, so the options are increasing, but if you want even the oldest JRE to recognize the certificate, you should stick with the old standards like the ones I mentioned.

Tucows resells Comodo code signing certificates for rather cheaply. Comodo root certificates have been in the JRE since May, 2006, which was some version of JRE 1.5. Therefore, JRE 1.6 and later should support the Comodo code signing certificates.