An interesting combination is using https by the java-client that has been started using jws/jnlp. This way a safe communication mechanism that goes through most firewalls is possible between client and its server. But https requires a public certificate, which must be trusted in order to go on with the communication. For this purpose, the java world knows the concept of the truststore, which contains all the certificates that are trusted. But this truststore is specified by a system property as a file name, which is hardly compatible to the typical java-web-start situation, where there is no common, platform independent absolute path for a file which is ideally even writeable in order to download and install new trusted certificates, if approved by the user.
Is there any best practice how to solve this kind of issue?
What would work is this: Try serveral directories, download certificate, store it in truststore in one of these directories and set the system property appropriately thereafter. But it is not really smooth. Any ideas?