Menu
▾
▴
Re: [Cryptix-users] Impending certificate expiration
|
From: Edwin W. <ed...@wo...> - 2009-07-04 18:58:53
|
> I am using cryptix-jce and cryptix-openpgp in an application. The > certificate that signed the cryptix-jce-provider jar expires on 28 > Aug 2009. > > We will all either need: > > 1 - A new build, signed with a newer key. The Cryptix Foundation ltd is the owner of the certificate, but that organisation was dissolved a few years ago. While the private key is still (somewhere) in my possession, the foundation cannot get that certificate renewed anymore. So unless there is some other way for me to obtain a new certificate, there will be no new build. > 2 - A new JCE implementation that doesn't require signed jars. > 3 - A new package to use. Switching to Bouncycastle may be an option, but as the API is different that requires some work. Alternatively you or your organization could try to get your own code signing key and use it to create your own 'custom' version of the Cryptix JCE. Instructions are on the following page: http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/HowToImplAProvider.html#Step61 I'm very interested in the results. Edwin |
