Jan 262014
 

Oracles recent Java changes have “forced” applets to be signed.
My point of view is that Oracle is bullying a lot of open source developers.
Many of us doesn’t have the funds for $100-$500 a year certificate fees.
There are one solution for open source developers to get a certificate for free; certum.eu

I have recently been granted 1 year certificate from Certum.eu and used it on the Adito project.
Certum.eu CA is included in Java, IE, Firefox, Chrome, etcetera; so end users have the chain already.
An article regarding signing existing jars, will be published later.

When you launch the client you still will get the SSL-certificate error.
To fix this you have to buy a SSL-certificate for you site, but for now Java accept self-signed SSL-certs.
SSL cert error still there

When the actual applet launch, the certificate present the signed-title.
Certum always add “Open source developer x, x” in their certificates.
Adito signed jar version

Please note that a certificate is not equal to safe code. When an applet has a cert, it is always executed outside the sandbox.
Meaning that you grant full access to your computer. Since I only provide the installer I cannot take any responsibility regarding what Adito does with your system! No changes has been done to the binaries on this release, only the cert and webpage template change.

After you pushed “run” the client run as normal
Lunch adito

Download the new version from the Adito SVN R706 page.
Please backup before you update!

Jan 172014
 

Oracle have updated their Java with a lot of annoying popups.
Oracle probably think that this increase the security of their “swiss cheese executable container” called java.

Adito is no longer developed and at the time it was, Java was “the-way-todo-it”.
Adito from my site is a unsigned applet, the default setup action now is to block it.

The best way to get rid of the problem is to decrease the security settings to “Medium”.

But you can add exceptions for your own site, and still keep “security” high.
Below this method is explained.

Here is the problem when you run Adito without rights to run:
java warning 1
java block 1
java failed 1

To fix this go to the control-panel, then run Java-settings:
java controlpanel

Go to the security-tab and push the “Edit site list”:
java security

Add your site to the security list, this is the same as in your browser addressfield:
java security add site
java security add site localhost

Now when you reload your Adito-agent, you will be presented with this prompt:
java in browser accept agent

If you accept the risk, check it and push run.
(The Adito-agent is compiled by me, unchanged from source.)
The agent should be running like before.