What exactly do certificates purchased from a CA do again (in the context of Java applets)?
Lets say I have an applet on a website that accesses the users files (requiring a security certificate). If I make a self-signed certificate, the client will get a security warning asking if the client should trust this application. If I purchase a certificate from a CA, does that security warning not appear and automatically grant access? If it doesn’t remove the security warning, is there a point to buying one, other than to reassure the client?
Does this work with all CAs, or just VeriSign and Thawte?
EDIT: I found this extremely helpful tutorial on how to set up a free verified certificate from Thawte: http://www.dallaway.com/acad/webstart/
Under Sun’s implementation, a dialog asking whether security should be removed will be shown for all certificates (except the JavaFX certificate). For a self-signed certificate, the dialog should have a warning colour and note that the certificate cannot be verified. For a verified certificate from any known CA will cause a blue dialog to be shown. A tickbox is provided always accept the certificate. The Java Control Panel set configuration options not to allow users to trust certificates (probably a very good idea).