Is it possible to sign a java applet for free?

Question

I made a weird applet which allows you to paint with your voice. Obviously it requires access to the microphone, but Java applets are not allowed access unless they are signed.

Answer 1

You can create a self-signed certificate using the Java keytool. It's sufficient for educational or testing purposes, but if you deploy code signed with it, people are unlikely to trust it.

I think Thawte used to offer a free e-mail signing certificate that could also be used for signing code. I'm not sure if that is still the case.

Answer 2

You may go one step further and setup your own CA with OpenSSL.

This will allow you to create your own root certificate and generate any number of signing or SSL sertificates. You may then distribute your root certificate to your friends and ask them to install it in their respective browsers. After that the certificate chain for certificates create by your CA will always be valid and not self-signed ( many browsers look down on self-signed certs ).

If you are going to work with OpenSSL CA you may need pkeytool to import private key into java keystore file.