Well the address has to be resolved at some point, that’s not exactly the problem.
The problem is that the applet wants to make sure the .jars come from the same source as the page holding the applet to make sure nobody is returning malicious jars instead of the originals. But when the sockets are opened using the URL it is resolving to a different address, yes, because you are using a cloud not a single server.
Im sure you can solve it by signing the .jars. That way the applet knows they are originals, no matter the source.
What I do is that I create a certificate manually. Like thie:
keytool -genkey -keyalg rsa -keysize 1024 -alias {put a name for the cert here} -validity 3650 -keystore {.. and a file name here.}
Note this will prompt for you to set a user and password for the certificate.
Then sign ALL your jars like this ->
$1/jarsigner -keystore { the above file name} -storepass password -keypass password whatEver.jar {cert name, from above.}
The only issue I have seen with this method is that since the cert is not signed by a recognized authority in the browser, it will promopt the first time to add it to the trusted certs. Normally not an issue.
Other wise you can:
1) Get a certificate from a recognized authority in the browser (Thwate, Verisign ) ( There are some that will do it for free)
2) Set up an authority and ask your users to add it into the browser s recognized authorities.
Hope this helps!
-Alex
