The process is described in the document, "How to Implement a Provider."
It involves emailing Sun Oracle some information (including the CSR you generated for your signing key), then faxing a confirmation document. Getting your signed certificate back can take a week or more, so plan ahead.
You only need to sign your provider if it provides services that are restricted by some (repressive) governments. For example, a Cipher
implementation is a restricted "service," while MessageDigest
is an unrestricted service. I assume with the message you're getting, that you are trying to provide a restricted services.
If you provide any of these services, there's no way around it: You need a code-signing certificate issued by Sun. (One from IBM might work too; if I recall correctly, their code-signing CA is supported, but I don't know anything about their issuing process.)
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…