Signing .Jar file

Question

Im sitting with a bit of a problem. Im busy creating a php/html website (intranet) for our support team to make life a bit easier when support linux machines.

I hav

Answer 1

First create a key-pair using keytool.

keytool -genkey -alias somekeyname

Then use jarsigner to sign it with the key you just created.

jarsigner /path/to/jar somekeyname

Note, you need to use the same alias (somekeyname here) as the one you create the key with.

Now, since the certificate is self-signed, the user of your applet will be prompted to approve the certificate. Once they do so, your tcp connections should work.

Since I assume you're only using the applet internally in your organization, self-signed certs should be fine. Otherwise you will have to pay for a certificate. In that case, your users will not need to accept the certificates after the first time (if they choose Always Allow").

Answer 2

You can sign jars using :

Install this Eclipse plugin

Eclipse Webstart Plugin.

You will just need to export as "Webstart". It will prompt you to sign the jars.

DEMO

Answer 3

This is a somewhat complex area, and you essentially need to know what you are doing, and you may have to pay real money for a signing certificate.

The Sun Java Tutorial cover the topic well: http://docs.oracle.com/javase/tutorial/deployment/jar/signing.html

If the intent is to give the support people a ssh client, there might be better solutions.

Answer 4

Combined the top answer with some useful hints to get completely unattanded script:

keytool -genkey -noprompt -alias Alias -dname "CN=Hostname, OU=OrganizationalUnit, O=Organization, L=City, S=State, C=Country" -keystore path.to.keystore -storepass password -keypass password -validity 3650
jarsigner -keystore path.to.keystore -storepass password -keypass password -signedjar signed.jar unsigned.jar Alias