What exactly do certificates purchased from a CA do again (in the context of Java applets)?
从CA购买的证书究竟又做了什么(在Java applet的上下文中)?
Lets say I have an applet on a website that accesses the users files (requiring a security certificate). If I make a self-signed certificate, the client will get a security warning asking if the client should trust this application. If I purchase a certificate from a CA, does that security warning not appear and automatically grant access? If it doesn't remove the security warning, is there a point to buying one, other than to reassure the client?
假设我在访问用户文件的网站上有一个小程序(需要安全证书)。如果我制作自签名证书,客户端将收到安全警告,询问客户端是否应该信任此应用程序。如果我从CA购买证书,是否会出现该安全警告并自动授予访问权限?如果它没有删除安全警告,除了向客户放心之外,还有一点需要购买吗?
Does this work with all CAs, or just VeriSign and Thawte?
这适用于所有CA,还是仅适用于VeriSign和Thawte?
EDIT: I found this extremely helpful tutorial on how to set up a free verified certificate from Thawte: http://www.dallaway.com/acad/webstart/
编辑:我发现这个非常有用的教程如何设置Thawte的免费验证证书:http://www.dallaway.com/acad/webstart/
1 个解决方案
#1
Under Sun's implementation, a dialog asking whether security should be removed will be shown for all certificates (except the JavaFX certificate). For a self-signed certificate, the dialog should have a warning colour and note that the certificate cannot be verified. For a verified certificate from any known CA will cause a blue dialog to be shown. A tickbox is provided always accept the certificate. The Java Control Panel set configuration options not to allow users to trust certificates (probably a very good idea).
在Sun的实现下,将显示所有证书(JavaFX证书除外)的对话框,询问是否应删除安全性。对于自签名证书,对话框应具有警告颜色,并注意无法验证证书。对于来自任何已知CA的经过验证的证书,将显示蓝色对话框。提供一个复选框始终接受证书。 Java控制面板设置配置选项,不允许用户信任证书(可能是一个非常好的主意)。
#1
Under Sun's implementation, a dialog asking whether security should be removed will be shown for all certificates (except the JavaFX certificate). For a self-signed certificate, the dialog should have a warning colour and note that the certificate cannot be verified. For a verified certificate from any known CA will cause a blue dialog to be shown. A tickbox is provided always accept the certificate. The Java Control Panel set configuration options not to allow users to trust certificates (probably a very good idea).
在Sun的实现下,将显示所有证书(JavaFX证书除外)的对话框,询问是否应删除安全性。对于自签名证书,对话框应具有警告颜色,并注意无法验证证书。对于来自任何已知CA的经过验证的证书,将显示蓝色对话框。提供一个复选框始终接受证书。 Java控制面板设置配置选项,不允许用户信任证书(可能是一个非常好的主意)。