| cfg | ||
| lib | ||
| release | ||
| res | ||
| src/net/mcodev | ||
| .gitignore | ||
| autoexec.cfg | ||
| launchpad-512.psd | ||
| LICENSE | ||
| proxy.pac | ||
| README.md | ||
Important information for the TrustShield
If you want to use this technology with our Certificate Authority, send us your Certificate Signing Request (CSR). You can find our contact details on the Contact Page. Because your certificate will be signed by mCoDev Systems Applications (CA), you must generate your CSR using that specific certificate. You can obtain it from our certificate repository. Your certificate will be signed as a CA, allowing you to sign individual user certificates.
The certificate you receive will be valid for 5 years. After that period, you will need to create a new CSR and send it to us to issue a new certificate.
You may also choose to use your own Certificate Authority if you prefer not to use ours. In that case, some modifications to the TrustShield API class are required. In ./src/net/mcodev/jcips/library/security/TrustAPI.java, update the following lines as needed:
/**
* This is the mCoDev Systems' Public Trust CA Root certificate. You can get it from the mCoDev Systems
* Certificate repository at https://cert.mcodev.net
*/
static final String MCN_PUBLIC_TRUST_CA = "./.certificates/mCoDev_Systems_Public_Trust_CA.crt";
static final String MCN_PUBLIC_TRUST_CA_HASH = "73CE8FA5CA778A0416960B9E28950B0BEFF7FB472EDB51141CB1BAC6EAAA77B8";
static final String MCN_APP_CA = "./.certificates/mCoDev_Systems_Applications.crt";
static final String MCN_APP_CERT = "./.certificates/MCN_Launch_Pad_-_Example.crt";
The hash used in MCN_PUBLIC_TRUST_CA_HASH is a SHA256 hash, written in uppercase, and corresponds to the hash of the root CA certificate file specified in MCN_PUBLIC_TRUST_CA.
Please Note: Do not use the MCN_Launch_Pad_-_Example.crt certificate in production. It is only a test certificate and you can't use it anyway, because we're keeping the key private 🙂 -- Either send us a CSR for generating a new certificate, or create your own Certificate Authority tree.
After receiving your certificate, place it in the .certificates folder and update the MCN_APP_CERT constant to match the filename of your certificate. Once updated, you can rebuild the project and deploy it to your environment.
Final thoughts
If you plan to use this application for yourself as a single user, and you are not loading configuration files from a public source (such as OneDrive, MS Teams, or any shared location), you technically do not need to enable TrustShield. In this case, it is safe to leave it disabled.
⚠️ Warning: ⚠️ Do not use the application in a multi‑user environment, especially when configuration files are stored on a public or shared source, without TrustShield properly configured and enabled. Because the application can execute system commands and code at runtime, an attacker could modify configuration files on unprotected public sources. This could lead to a severe security risk if TrustShield is not active. TrustShield will protect individual user instances, by rejecting unsigned modifications to configuration files, or configuration files with an invalid signature that are stored on unsafe locations.
Please check the User Reference Guide for more information about TrustShield.