openmeetings-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roberto Resoli <robe...@resolutions.it>
Subject Re: Getting screensharing application signed
Date Wed, 02 Apr 2014 13:00:20 GMT
Il 02/04/2014 14:13, Roberto Resoli ha scritto:
> Il 02/04/2014 13:34, rene@meecoda.de ha scritto:
...
> It seems
>> some server certificates can do the signing and some not. Confusing!!!
>
> Yes. Certification Authorities sell different Certs, whith different
> pricing, for that.

I created an english version of the HowTo:

https://sourceforge.net/apps/trac/j4sign/wiki/HowtoSignCode_en

Regarding code signing in recent Oracle JVMs, there are lot of 
restriction introduced, in particular with 1.7.0_51 i noted that
the certificate for code signing has to have a CRL or OCSP verification
attribute (or both), and the URL specified in the attribute has to point 
to a working revocation check service in order the verification (with 
default JVM security settings) to pass.

I will provide related modifications into openssl.conf defaults in my 
howto very soon.

rob

> rob
>


Mime
View raw message