Question
I have an app, used via Java Web Start, that was hit by the newest update (7u51) w.r.t not accepting self-signed certificates. This app is sold and deployed to users (ie, not accessed via a webserver that I control).
I've purchased a new certificate from Verisign (Symantec, now), and was wondering if it's possible to simply send the users the new cert to sign the relevant files/import the cert, or do I have to recreate the JAR files with the signed certificate?
Solution
I'm not sure how you build your application or how you protect the private part of the certificate - usually, there is a passphrase involved. Are you really suggesting to spread these important details to other people?
You do realize that they can start signing anything using your key if you do, right?
Don't. Just ... don't.
https://stackoverflow.com/questions/21239660
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian