Signing a Java Applet
https://stackoverflow.com/questions/8085243
-
26-02-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have signed a Java Applet jar using Verisign certificate.
When Java Applet is run from a html/javascript , a dialog box appears which asks whether the unknown certicate needs to be trusted or not & the Java Application should be run or not. When clicked on Run button(indicating Agreed) & checking(ticked on) the checkbox which indicates that the user is not asked everytime , the Java Applet window is displayed.
Kindly confirm whether even after signing the Java Applet with a certificate which belongs to a trusted thirty party Certifying Authority(CA) like Verisign , the first alert dialog asking for confirmation whether to run the untrusted Java application is normally asked or not.
Solution
That depends on the browser's configuration. Unless the signer of the certificate is one which the browser has already been configured to accept automatically, the user will still be prompted to accept the certificate at least once.
Remember, your code is asking permission to perform privileged actions on the user's machine. Just because your identity has been verified by a trusted third party, doesn't mean that the user must automatically trust your code.
OTHER TIPS
To clarify Dan's answer: Yes, it will always ask the user the first time. This is the default configuration of the Java plug-in. The configuration could be changed, but that would be a very bad practice.
