updating certifications

[GoogleCodeExporter]

In a big environment individually updating is not possible.

What is the expected output? What do you see instead?

A configurable reference site should be possible that can be automaticly  
consulted one a day/once a week for updates (check a checksum for example, if 
it complies no update is necessary, is there a difference update certifications 
is necessary from the reference  site.)
the reference path should only by an administrator account be changable.

Please provide any additional information below.

all O.S., updating via intranet/internet.(with or without proxy)

Original issue reported on code.google.com by tuxedo93@gmail.com on 15 Oct 2010 at 9:42

[GoogleCodeExporter]

Could you explain a bit more what you mean exactly?

Original comment by frank.co...@gmail.com on 16 Oct 2010 at 4:24

[GoogleCodeExporter]

He might be referring to the certificate used to sign the applet. We found this 
to be an issue sometimes... For example: the signed jar files (last version 
1.0.3GA) are only valid for 1 month (until 14/12/2011). Meaning that anyone who 
wants to rollout to production now must update the eid-applet again next month. 
This is very time consuming is a lot of installations require this applet.

A possible solution might be to not only sign the eid-applet but also timestamp 
the signature, so it remains valid after the expiration date (and hopefully not 
show security errors when loading the applet). 

This can be tested easily by changing your system time (e.g. change it to 
15/12/2011 and you'll see the current release of the eid-applet giving security 
warnings)

Original comment by m...@dimy.be on 14 Nov 2011 at 8:27

[GoogleCodeExporter]

These days we sign the eID Applet with a code signing certificate that lasts 
several years.

Original comment by frank.co...@gmail.com on 17 Oct 2012 at 12:38

• Changed state: Done