java, certificate, java-web-start, code-signing

Signing a jar file with trusted certificate for JWS deployment


I've developed an open source program, WPCleaner, which is distributed through Java Web Start. Current version is available at http://site4145.mutu.sivit.org/WikiCleaner/WikiCleaner.jnlp

With the recent updates in Java, it becomes more and more difficult to deploy Java applications through Java Web Start when you need the application to have a few permissions (writing in the preferences, accessing other web sites, ...)

My application was self-signed, which was OK before, but new updates require users to accept the application every time they run it, not just once and for all if they wish. So, I decided to use a trusted certificate for signing my application.

I got one from Certum (apparently, they're free for open source developers), following this discussion: Code signing certificate for open-source projects?

I've generated a new jar file, signed with this certificate (jar file available at http://site4145.mutu.sivit.org/WikiCleaner/WikipediaCleanerTest.jar), but I still have problems: when I start the application through JWS, Java still displays a warning window not letting me trust the application once and for all. The editor is still displayed as UNKNOWN, but when I look in the details of the message, it's my new certificate from Certum that's being used.

Does anyone have an idea on what I'm doing wrong? I thought that having a certificate from a trusted CA (Certum seems to be in Java cacerts) would allow users to accept the certificate once and for all.

Thanks

PS: When I run jarsigner -verify, I get the following warning "This jar contains entries whose certificate chain is not validated."


Solution

  • I think I finally managed to do it following this procedure:

    • Installed the certificate provided by Certum in Chrome through their web site interface
    • Exported the private key as a .pfx from Chrome (Settings, Manage certificates, Export, Export the private key, PKCS#12, ...)
    • Used KeyTool GUI (a Java front-end GUI for keytool) to create a complete p12: imported the Certum root certificate as a trusted certificate, imported the intermediate certificates as trusted certificates, imported my .pfx as a key pair
    • Signed the jar with this p12

    Seems to work for me; I'm waiting for other users' feedback to be sure that it works for them also.

    Edit: I tried again to export the certificate from Chrome, and I saw that there's an option to include the certificate chain in the export. When doing this, I don't even need to use the KeyTool GUI afterwards. I've redeployed the test version signed with this new p12:

    • Installed the certificate provided by Certum in Chrome through their web site interface
    • Exported the private key as a .pfx from Chrome (Settings, Manage certificates, Export, Export the private key, PKCS#12 + include certificate chain, ...)
    • Signed the jar with this p12
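The following script is an added example; it is not code from the question or the answer above. It reproduces, with a throwaway CA built by openssl, the difference the answer found: a PKCS#12 that carries only the key pair and its certificate (what a plain "export private key" gives you) versus one that also carries the intermediate and root. jarsigner embeds whatever chain the key entry has into the jar's signature block, so a chain-less keystore yields a jar whose signer cannot be linked back to a root in cacerts, which is what the "certificate chain is not validated" warning and the UNKNOWN publisher in the question correspond to. Everything in the script is an assumption for the demo: the CA and its names (demo-root, demo-sub, demo-leaf), the key alias "wpc", the password "changeit" and the trust store built from the demo root; Certum's real certificates are not involved. The openssl half runs anywhere; the jarsigner half is skipped if no JDK is installed.

```shell
#!/bin/sh
# Added example (not from the original post): leaf-only vs full-chain PKCS#12
# for jar signing. Demo CA, names, alias "wpc" and password are assumptions.
set -eu

WORK="${WORK:-$(mktemp -d)}"
cd "$WORK"
PASS=changeit

# Extension profiles: an intermediate CA and a code-signing leaf.
printf 'basicConstraints=critical,CA:TRUE,pathlen:0\nkeyUsage=critical,keyCertSign,cRLSign\n' > ca.ext
printf 'basicConstraints=CA:FALSE\nkeyUsage=critical,digitalSignature\nextendedKeyUsage=codeSigning\n' > leaf.ext

# Throwaway hierarchy root -> intermediate -> leaf, the shape of a commercial chain.
openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 -subj /CN=demo-root \
  -keyout root.key -out root.pem 2>/dev/null
openssl req -new -newkey rsa:2048 -nodes -sha256 -subj /CN=demo-sub \
  -keyout sub.key -out sub.csr 2>/dev/null
openssl x509 -req -in sub.csr -CA root.pem -CAkey root.key -CAcreateserial \
  -days 30 -sha256 -extfile ca.ext -out sub.pem 2>/dev/null
openssl req -new -newkey rsa:2048 -nodes -sha256 -subj /CN=demo-leaf \
  -keyout leaf.key -out leaf.csr 2>/dev/null
openssl x509 -req -in leaf.csr -CA sub.pem -CAkey sub.key -CAcreateserial \
  -days 30 -sha256 -extfile leaf.ext -out leaf.pem 2>/dev/null

# The mistake: key pair plus its own certificate only, no chain.
openssl pkcs12 -export -inkey leaf.key -in leaf.pem -name wpc \
  -passout pass:$PASS -out leaf-only.p12
# The fix: the same export with the intermediate and root appended to the key entry.
cat sub.pem root.pem > chain.pem
openssl pkcs12 -export -inkey leaf.key -in leaf.pem -certfile chain.pem -name wpc \
  -passout pass:$PASS -out full-chain.p12

# Quick check of a keystore before signing anything with it:
# 1 certificate means no chain, 3 means complete for this three-tier demo CA.
count_certs_in_p12() {
  openssl pkcs12 -in "$1" -nokeys -passin pass:$PASS 2>/dev/null \
    | grep -c 'BEGIN CERTIFICATE' || true
}

# Sign a throwaway jar with the given keystore and count the certificates that
# jarsigner embedded in the signature block (META-INF/WPC.RSA for alias "wpc").
# That embedded chain is all Web Start has when it tries to reach a root in cacerts.
sign_and_count() {
  jar=${1%.p12}.jar
  echo demo > payload.txt
  jar cf "$jar" payload.txt
  jarsigner -keystore "$1" -storetype PKCS12 -storepass $PASS "$jar" wpc >/dev/null 2>&1
  jar xf "$jar" META-INF/WPC.RSA
  openssl pkcs7 -inform DER -in META-INF/WPC.RSA -print_certs \
    | grep -c 'BEGIN CERTIFICATE' || true
}

echo "leaf-only.p12 carries $(count_certs_in_p12 leaf-only.p12) certificate(s)"
echo "full-chain.p12 carries $(count_certs_in_p12 full-chain.p12) certificate(s)"

if command -v jar >/dev/null 2>&1 && command -v jarsigner >/dev/null 2>&1 \
   && command -v keytool >/dev/null 2>&1; then
  # Trust store holding only the demo root: the analogue of Certum's root in cacerts.
  keytool -importcert -noprompt -keystore trust.p12 -storetype PKCS12 -storepass $PASS \
    -alias demo-root -file root.pem >/dev/null 2>&1
  for ks in leaf-only.p12 full-chain.p12; do
    echo "$ks: $(sign_and_count "$ks") certificate(s) embedded in the jar signature"
    # With only the leaf embedded, the verifier cannot link the signer to the
    # trusted root and warns about the certificate chain; with the full chain it can.
    jarsigner -verify -keystore trust.p12 -storetype PKCS12 -storepass $PASS \
      "${ks%.p12}.jar" || true
  done
else
  echo "JDK tools not found; skipping the jarsigner half of the demo"
fi
```

The count_certs_in_p12 check is the one worth keeping in a release script: run it on the keystore you are about to hand to jarsigner and refuse to sign if it reports fewer certificates than the length of the CA's published chain. A command-line equivalent of what the GUI did is `keytool -list -v -keystore full-chain.p12 -storetype PKCS12`, whose "Certificate chain length" for the key entry must cover the intermediate(s) and root, not just the signing certificate.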