IMPORTANT NOTE: Oracle does not issue general code-signing certificates for applet or Web Start deployment. The process described here is only for obtaining certificates for use with the Java Cryptography Extensions (JCE) framework that require certificates issued by the JCE Certificate Authority (CA). Note that some OpenJDK implementations do not require a certificate.
A certificate received from this process will not work for anything other than authenticating JCE providers to the JCE framework (that is, the certificate will not work for deployment purposes.)
There are many third-party Java code-signing certificate providers available. To obtain a general code-signing certificate, please consult the major search engines using the terms:
Java Code Signing Certificate
Send, via email, the CSR for your Java Cryptography Extension provider and your contact information (see below) to email@example.com. Enter the following text in the Subject line of your email message:
Request a Certificate for Signing a JCE Provider
This exact subject line must be used, or the spam filters will not let the message through. Put the contact information in the body of the message and send the CSR file as a plain text attachment to the message. If your mail tool has an option for specifying the encoding format to be used for attachments, select the "MIME" option.
NOTE: The CSR file is just a plain text file, in Base 64 encoding. Only the first and last lines are human-readable.
Include the following contact information in the body of your message:
All of the above information is required.
Please allow ten business days for processing.
After the JCE Code Signing Certification Authority has received your email message, they will send you a request number via email. Please allow ten business days for processing.
Once you receive this request number, you should print, fill out and scan/email or fax the Certification Form for CSPs as instructed in the form.
After the JCE Code Signing Certification Authority has received both your email message and the required form, they will authenticate you, the requester. Then they will create and sign a code-signing certificate valid for 5 years. You will receive an email message containing two plain-text file attachments: one file containing this code-signing certificate and another file containing its own CA certificate, which authenticates its public key.
Please also allow ten business days from receipt of your request for processing.