Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / Security / March 2005

Tip: Looking for answers? Try searching our database.

need to auotmate applet signing through build script

Thread view: 
Enable EMail AlertsStart New Thread
turbo_vee@yahoo.com - 22 Feb 2005 17:07 GMT
I received a certificate issued by Verisign and imported in my Keystore
and I can successfully sign the applet.

But I *also* need to be able to export the certificate to a file so
that it can be integrated with the build process. I am unable to do
that.

Here is the directive I use in my ant build scripts.

<signjar sectionsonly="true" storepass="passowrd" keypass="keypassword"
storetype="jks"   jar="${FEA}" alias="certificate alias name"/>

This command works only from my machine. but I need to be able to allow
different developers and build engineers to build and sign the applet.

I am not sure what value should i be using for
keystore="" attribute. I tried giving it a certificate file name but
that wont work.

any help will be greatly appreciated.
Reply to this Message
Chris - 16 Mar 2005 07:39 GMT
> I received a certificate issued by Verisign and imported in my
> Keystore and I can successfully sign the applet.
[quoted text clipped - 18 lines]
>
> any help will be greatly appreciated.

Hello,
You need to export both the key and the certificate, not just the
certificate. It turns out there is actually no way to export a key
from a keystore using the keytool program. If you've got the
time/knowledge/inclination, you can write a quick Java program
that'll open the keystore, pull the key, and save it to a file. You
might also be able to find such a program on Google. I think you
would need a companion program for your colleagues to run to import
the key into their keystores, after which the certificate could be
imported via keytool.

Chris
Reply to this Message
Michel Gallant - 16 Mar 2005 14:12 GMT
Some related info on this is how to extract the certificate and private
key from JSK keystore, into standard pkcs#12 format:
 http://www.jensign.com/JavaScience/Thawte
(3rd Party Solutions paragraph).

- Mitch Gallant
  JavaScience Consulting

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
[quoted text clipped - 41 lines]
> =o0vI
> -----END PGP SIGNATURE-----
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.