Non-self-signed certificates remove security warning for applets?

Question

Non-self-signed certificates remove security warning for applets?

What exactly do certificates acquired from a CA do again (in the context of Java applets)?

Let's say I have an applet on a website that accesses user files (security certificate required). If I make a self-signed certificate, the client will receive a security warning asking if the client should trust this application. If I buy a certificate from a CA, does this security warning appear and access is automatically granted? If it doesn't remove the security warning, is there any point in buying one other than reassuring the customer?

Does this work with all CAs or just VeriSign and Thawte?

EDIT: I found this extremely helpful tutorial on how to set up a free verified certificate from Thawte: http://www.dallaway.com/acad/webstart/

+1

java security certificate applet self-signed

user107312 May 27 '09 at 8:03

a source to share

1 answer

Tom Hawtin - tackline · Accepted Answer · 2009-05-27T11:06:11+0000

In Sun's implementation, all certificates (except the JavaFX certificate) will display a dialog asking whether to remove protection. For a self-signed certificate, the dialog should have a warning color and take into account that the certificate cannot be verified. For a verified certificate from any known CA, a blue dialog will be displayed. If checked, the certificate is always accepted. The Java Control Panel has set configuration options to prevent users from trusting certificates (probably a very good idea).

Non-self-signed certificates remove security warning for applets?

More articles: