I already have a VeriSign certificate to sign EXEs. I need to reuse it to sign jars.
Is it possible to reuse that certificate to sign jars?
Can someone explain to me how to use this VeriSign certificate with Oracle's jarsigner to sign jar files?
Any help is appreciated.
Steps I followed:
Step 1. Create key store
keytool -genkey -keyalg rsa -keystore MYStore.ks -alias mySelf -keysize 2048
keystore pw : 4804994 mySelf pw: abcdef
Step 2. Import Verisign certificate to key store
keytool -importcert -file MSCV-VSClass3.cer -keystore MYStore.ks
This displays certificate info and asks: Trust this certificate ? [no] : yes
Certificate was added to keystore.
Step 3. jarsigner -keystore MYStore.ks TestRun.jar mySelf
Warning: signer certificate will expire within six months.
Now I wanted to verify the signed jar.
jarsigner -verify -verbose -certs TestRun.jar
Warning: This jar contain entries whose signer certificate will expire within six months. This jar contain entries whose certificate chain is not validated.
As I understand it, the key store does not have the private key for the public key in the certificate.
How can I solve this issue?
Cheers.
You can just start signing with the PFX file, as this can be seen as a keystore file. The command you can try and use would be something like:
jarsigner -storetype pkcs12 -keystore cert2013.pfx something.jar "1" -tsa http://verisignstimestampurl.something.com
Or you can import the PKCS12 file into a JKS file, but that seems a bit pointless:
keytool -importkeystore -srckeystore cert2013.pfx -srcstoretype PKCS12 -deststoretype JKS -destkeystore keystore.jks
Hope either of the two commands above helps. For the first command you will have to find out what VeriSign's timestamp URL is, and the "1" was also a guess; you can view the alias assigned to it by typing:
keytool -list -keystore cert2013.pfx -storetype PKCS12
Regards,
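
The entry type in the keystore listing decides which alias jarsigner can sign with: it needs a PrivateKeyEntry, while a certificate added with -importcert alone is stored as a trustedCertEntry. The script below is an added example, not part of the original posts; it classifies entries from keytool -list -v output (the -v flag, the function names and the sample listings with every name in them are constructed here).

```shell
# Added example. Reads keytool -list -v output on stdin and prints
# "alias<TAB>verdict" per entry, showing which alias jarsigner can sign with.
classify_entries() {
  awk '
    function emit() {
      if (alias == "") return
      if (etype != "PrivateKeyEntry") verdict = "cannot-sign (no private key)"
      else if (owner == issuer)       verdict = "self-signed key"
      else                            verdict = "CA-issued key"
      printf "%s\t%s\n", alias, verdict
    }
    /^Alias name: /  { emit(); alias = substr($0, 13); etype = owner = issuer = ""; next }
    /^Entry type: /  { etype = substr($0, 13); next }
    # Keep only the first Owner/Issuer pair: the end-entity certificate.
    /^Owner: /  && owner == ""  { owner = substr($0, 8); next }
    /^Issuer: / && issuer == "" { issuer = substr($0, 9); next }
    END { emit() }
  '
}

# Constructed listing shaped like the keystore built in Steps 1-2 of the question.
sample_jks_listing() { cat <<'EOF'
Alias name: myself
Entry type: PrivateKeyEntry
Certificate chain length: 1
Owner: CN=Test User, O=Example
Issuer: CN=Test User, O=Example
Alias name: mykey
Entry type: trustedCertEntry
Owner: CN=Example Corp, O=Example Corp
Issuer: CN=Example Code Signing CA
EOF
}

# Constructed listing shaped like a CA-issued PFX (alias "1" as guessed in the answer).
sample_pfx_listing() { cat <<'EOF'
Alias name: 1
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=Example Corp, O=Example Corp
Issuer: CN=Example Code Signing CA
Certificate[2]:
Owner: CN=Example Code Signing CA
Issuer: CN=Example Root CA
EOF
}

{ sample_jks_listing; sample_pfx_listing; } | classify_entries
```

Against a real store, pipe the output of keytool -list -v -keystore cert2013.pfx -storetype PKCS12 into classify_entries and sign with the alias reported as a CA-issued key.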