Is there a way to do JNLP without certificates?

java certificate jnlp
Brian Knoblauch picture Brian Knoblauch · Aug 12, 2013 · Viewed 9.8k times · Source

I've got an internal only app that I've historically self-signed. With the latest version of Java, self-signing for JNLP is deprecated. I have also experienced strange problems with opening sockets from self-signed apps with Java 7U25 (but work fine when run as a normal jar from the command line).

Is there a way to do JNLP without signing at all? Given that it's an internal only app, signing is not necessary (to me). I really don't want to spend money buying a certificate when it's not truly necessary.

Answer

assylias picture assylias · Aug 13, 2013

It seems that the coming Java 7u40 recognises the need for a solution and provides a new feature:

In an enterprise that provides a common execution environment and manages the applications that employees access, the Deployment Rule Set feature enables the enterprise to establish a whitelist and a blacklist of known applications.

Related questions

Java jnlp application blocked by Security settings

I have an enterprise java application that has plenty of jars that are downloaded to the client's jvm cache by a jnlp file. When I start the application I get the following stack trace on Java Console: Exception in thread "…

Read More
How to import a .cer certificate into a java keystore?

During the development of a Java webservice client I ran into a problem. Authentication for the webservice is using a client certificate, a username and a password. The client certificate I received from the company behind the webservice is in .…

Read More
Trusting all certificates using HttpClient over HTTPS

Recently posted a question regarding the HttpClient over Https (found here). I've made some headway, but I've run into new issues. As with my last problem, I can't seem to find an example anywhere that works for me. Basically, I …

Read More