I'm trying to sign a jar file with a code signing certificate issued by globalsign.
I'm completely new to this but after some googling and a lot of trial and error, I executed the following steps.
I've imported the certificate in my keystore using:
keytool -importcert -alias signalias -file OS200912023195.cer
When I try to sign my jar file using:
jarsigner applet.jar signalias
I get the following error:
jarsigner: Certificate chain not found for: signalias. signalias must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
Did I forget something or lies the problem with the certificate?
...I'm wondering if I maybe need something more than just a cer file?...
@Mark I guess you're right. As I can remember, the exception type like
jarsigner: Certificate chain not found for: signalias. signalias must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
... makes me think you trying to sign jar with cert only. So you must be skipped some important steps :|
The first thing you have to do if you want to use certificate is to gen CSR...
keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048
keytool -certreq -alias mydomain -keystore keystore.jks -file mydomain.csr
if you are OK with OpenSSL then gen your own cert as follows step D...
...back to your keystore
keytool -import -trustcacerts -alias root -file server.crt -keystore keystore.jks
Comment if that helps
.cer
files never store private keys, and to sign a JAR
you need to have a private key in your keystore. So I guess, you need to find out where the private key of your certificate is, and add it to your keystore.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With