Tuesday, August 13, 2002 11:59 AM
The JSSE provides SSL functionality. If SSL is the level of security you need, then the JSSE will fulfill this need.
You only have to buy certs if you expect other people to trust you. Since you got the certs from a trustworthy source, you too are who you say you are.
You can use the keytool to add your purchased certs to your Java keystores which your applications can use to decide if they trust each other. You can't use the keytool to change the certs. There is no difference between a Verisign cert and a self-signed cert, except that Verisign signed theirs, and you signed yours. People trust Versign, but not you.