Adito v0.9.1 SVN R706 signed version – Lars Werner
Jan 262014
 

Oracles recent Java changes have “forced” applets to be signed.
My point of view is that Oracle is bullying a lot of open source developers.
Many of us doesn’t have the funds for $100-$500 a year certificate fees.
There are one solution for open source developers to get a certificate for free; certum.eu

I have recently been granted 1 year certificate from Certum.eu and used it on the Adito project.
Certum.eu CA is included in Java, IE, Firefox, Chrome, etcetera; so end users have the chain already.
An article regarding signing existing jars, will be published later.

When you launch the client you still will get the SSL-certificate error.
To fix this you have to buy a SSL-certificate for you site, but for now Java accept self-signed SSL-certs.
SSL cert error still there

When the actual applet launch, the certificate present the signed-title.
Certum always add “Open source developer x, x” in their certificates.
Adito signed jar version

Please note that a certificate is not equal to safe code. When an applet has a cert, it is always executed outside the sandbox.
Meaning that you grant full access to your computer. Since I only provide the installer I cannot take any responsibility regarding what Adito does with your system! No changes has been done to the binaries on this release, only the cert and webpage template change.

After you pushed “run” the client run as normal
Lunch adito

Download the new version from the Adito SVN R706 page.
Please backup before you update!

 Posted by at 08:00:28

Leave a Reply

%d bloggers like this: