Is is possible to sign a java applet for free?

Question

I made a weird applet which allows you to paint with your voice. Obviously it requires access to the microphone, but Java applets are not allowed access unless they are signed. As far as I can tell its difficult and involves cryptography, and, though its not clear, I think that I'm expected to pay MONEY to Verisign as well. This all seems like a lot of paranoid innovation stifling bullsh** to me and I figure I'm not the first person to think so.

Is there just some way to bypass this "for educational or testing purposes?" or maybe turn off the security in my browser? or sign the applet for free?

I'm on Ubuntu 9.04 with Firefox 3.0.15 and Java 1.6.0

Answer 1

You can create a self-signed certificate using the Java keytool. It's sufficient for educational or testing purposes, but if you deploy code signed with it, people are unlikely to trust it.

I think Thawte used to offer a free e-mail signing certificate that could also be used for signing code. I'm not sure if that is still the case.

Answer 2

Here's a 3-step tutorial to do it.

Answer 3

You may go one step further and setup your own CA with OpenSSL.

This will allow you to create your own root certificate and generate any number of signing or SSL sertificates. You may then distribute your root certificate to your friends and ask them to install it in their respective browsers. After that the certificate chain for certificates create by your CA will always be valid and not self-signed ( many browsers look down on self-signed certs ).

If you are going to work with OpenSSL CA you may need pkeytool to import private key into java keystore file.