The new Java update on January, the 14th won´t make your applets work unless you get them signed from a certificate Authority. However you might just make a workaround if you can make your users import your own certificate.
The steps to follow are:
1. In every jar edit the MANIFEST.MF file. The “Permissions” attribute must be provided. To grant all the permissions add the following line:
2. Edit the java web start file (*.jnlp). Although the latest documentation says it´s no longer necessary to include the security tag, to make it work with your self-signed jars the element must be included. For example, if you set “all-permissions” in the manifest, in the jnlp file you must insert:
<security> <all-permissions/> </security>
The “Codebase” attribute in the jnlp file must match the hosting server name including the port number (ex. http://localhost:8080/”).
Once you have packed all the jars, you can sign them with your own keystore. The steps to execute are the following:
3.Make a new keystore (ex. “demoStore”) with an alias (ex. “demoAlias”):
keytool -keystore demoStore -genkey -alias demoAlias
It will ask to insert some information (name, firm, country, etc.)
4.Make a self-signed certificate (valid for 3650 days):
keytool -selfcert -alias demoAlias -genkey -keystore demoStore -validity 3650
5.Sign all the jars like:
jarsigner -keystore demoStore FileName.jar demoAlias
After running the command, the console will display ”The signer certificate will expire in six months”.
6.Export the keystore certificate:
keytool -export –keystore demoStore -alias demoAlias -file demoStore.csr
7.Import the self-signed certificate.
In MS Windows you need import certificate. Open the Java Control Panel , navigate to Security -> Manage Certificates, select Certificate Type: “Signer CA” and import the new *.csr (ex. demoStore.csr) certificate.
Now you can run you Java Web Start application without warnings. You should see the following dialog : http://java.com/de/img/download/trusted_signed.jpg.