Posted by jfalkner
on November 21, 2005 at 12:29 PM PST
Do you sign your code with your SSL certificate? Beware of the new javaws!
Here is something that upsets me quite a bit.
What happens? That SSL certificate you bought that worked just fine for signing code that is used by WebStart 1.4 releases now might not work with WebStart 1.5 releases. Make that probably won't work from sources such as GoDaddy.com or Thawte. Worst yet, keytool doesn't complain when signing your code. You won't see the problem until running the app as a user.
As a user commented in the bug report.
You mean the Thawte Super Cert we just renewed for US$700+ cannot also be used for code signing??? UN-F-ING-BELIEVABLE.
And a later user followed with.
[...] Whoever came up with this new feature should be fired.
I pretty much agree. What is this change? A ploy to get folks to buy another, more proper certificate and a touch of lets-cripple-webstart-some-more? I really hope someone has a fantastic reason for explaining this WebStart change. Please keep it simple so I can use it to answer all the e-mail's I get about Sun's auto-update clobbering my JNLP apps.
Suggested fix: keep compatibility with WebStart 1.4. Who cares if your SSL certificate doesn't have code signing extensions?