Not Recommended: Creating your Self-Sign Certificate
Even though this option is attractive because it is free, we do not recommend it as there are more and more warnings around self-signed certificates and your users may have to click on a few warning dialogs before being allowed to access the applet. To create a self-signing certificate, follow the steps below:
- Make sure you have a Java JDK installed on your machine (not the JRE). The key tool “keytool.exe” is distributed with the JDK and located under in $JAVA_HOME/bin. For instance C:\Program Files\Java\jdk1.6.0_26\bin\keytool.exe.
- Generate your own keystore. The command goes like (replace the ‘Qoppa’ instances with your company name)
keytool -genkey -keystore vkeystore -keyalg rsa -dname “CN=Qoppa Software, OU=Qoppa Software, O=Qoppa Software, L=Atlanta, ST=GA,C=NL” -alias id1 -validity 3600 -keypass mypass1234 -storepass mypass1234