-tsa or -tsacert timestamp for applet jar self-signed

Question

When I was trying to self-sign in the jar like below.

jarsigner -keystore my keystore myjar.jar myalias

It gives warning like:

Answer 1

I was facing the same problem. Without the timestamp the jar would not get signed.

When you add -tsa http://timestamp.digicert.com, it would not give any warning or error but still the jar would not be signed.

But then I added the following part and it worked for me.

-tsacert alias

So, basically my final command was

jarsigner -verbose -tsa http://timestamp.digicert.com -tsacert alias  -sigalg SHA256withRSA -digestalg SHA1 -keystore my-release-key.keystore android-release-unsigned.apk alias_name

Remember the alias_name in the command and the one in keystore should be the same.