Trouble installing and using a code signing certificate
ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Trouble installing and using a code signing certificate
Looking for some assistance with installing and using code signing certificates?
Specifically, for the moment, this is in a mac environment and I’m looking to sign a jar file.
I’ve had little in the way of support from the company from which I bought the certificates, at least that I was able to understand. Google has only served to further confuse and none of my inner circle are able to offer any advice.
So, where am I at, well, I have a couple of certificates but have only activated one, so for the time being I have downloaded two files:
.cer
.pem
I have an application from the provider, which seems to show the certificate as valid: [see one of attached images]
From here, I have little to no clue, though I have tried various combinations of trying to use keytool to import the certificate into my keystore and on running keytool –list I get: [see one of attached images]
And an example of trying to sign a random jar results in: [see one of attached images]
Any help or advice would be greatly appreciated.
Apologies for not being able to display the images inline.
Well, it would be a good thing if you had a *.p12 file (let's say jsign.p12), with a password stored in another file (say jsign.pwdfile), and it contained a private key and certificate with a knows alias (say jsign_alias).
Mind you, the keystore doesn't have to be a p12 file (meaning pkcs12), it can be JKS format as well; the signing is the same, the creation of self-signed certificate:
(Conversion between the two format is also possible with 'keytool -importkeystore')
Back to your problem: your screen-shots suggest that you have imported your cert+key into ~/.keystore with alias mykey, but something went wrong.
Command 'keytool -list -v -alias mykey' should give more information, eg:
Code:
$ keytool -list -v -alias jsign_alias -keystore jsign.p12 -storepass:file jsign.pwdfile
Alias name: jsign_alias
Creation date: 2018.12.08.
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Misty Waterflower, O=Gym, L=Cerulean, ST=Kanto, C=PK
Issuer: CN=Misty Waterflower, O=Gym, L=Cerulean, ST=Kanto, C=PK
Serial number: 67199b76
Valid from: Sat Dec 08 06:59:57 CET 2018 until: Thu May 30 07:59:57 CEST 2024
Certificate fingerprints:
MD5: 56:F1:C1:98:9E:1E:ED:7C:C0:34:CC:A2:C9:38:D7:D3
SHA1: F3:CE:BF:32:FD:D7:52:11:2D:9A:0E:CC:49:FB:CF:3D:19:59:B8:87
SHA256: B1:86:1B:DC:7A:B0:53:B9:D0:5E:C1:2F:44:D6:E6:5E:99:EF:19:15:25:3A:17:3B:EF:05:A1:1E:E8:FA:D3:54
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.