Hello Everyone.

I'm creating a package that will deploy a Java Rule

1.    Identify critical applets and web start applications, either by location (e.g. http://payroll.example.com), name (e.g. Solitaire), or code-sign hash. - Completed

2.    Create a file called ruleset.xml - Completed

3.    Package your ruleset.xml into a signed DeploymentRuleSet.jar – Stuck. L

4.    Deploy your DeploymentRuleSet.jar to user desktops

5.    Verify usage of your rule set on a client desktop

I have the ruleset.xml and converted it to DeploymentRuleSet.jar. 

I got stuck on signing the jar file. 

I checked all forums but they have different approach on signing the jar file. 

Guys you know how I can simply sign the jar file? What I need to install to use a tool to sign the jar

0 Comments   [ + ] Show Comments


Please log in to comment


Answered 11/28/2014 by: emgz01
Senior Purple Belt

  • little bit confused on how they put the parameters. I have the exported certificate from our organization. Can I use that one?
    • I believe you can use the one you already have.

      Add it through the Java Control Panel as described in the link.
      For the next part, you may need to only do the jarsigner portion but I included both in case:
      1) keytool -import -file <YourCert.crt> -alias <AliasOfYourCert> -keystore <YourFile.jks>

      2) jarsigner -verbose -keystore server.p12 -storepass <YourPassword> -storetype pkcs12 DeploymentRuleSet.jar <TheAliasOfYourCert>

      Now copy the jar file into C:\Windows\Sun\Java\Deployment and test. Also, look for "trusted.cacerts" in your AppData\LocalLow\Sun\Java\Deployment\security folder and copy that file to C:\Windows\Sun\Java\Deployment\Security in your package.
      • 1) keytool -import -file <YourCert.crt> -alias <AliasOfYourCert> -keystore <YourFile.jks>

        Is the .jks file can create everywhere?

        My certificate is .cer I just rename it as .crt.

        2) jarsigner -verbose -keystore server.p12 -storepass <YourPassword> -storetype pkcs12 DeploymentRuleSet.jar <TheAliasOfYourCert>

        who is server.p12? the -storetype "pkcs12" refer to .cer?
      • This content is currently hidden from public view.
        Reason: Removed by member request
        For more information, visit our FAQ's.
      • keytool.exe -import -file "C:\Temp\deprule\cert.crt" -alias mycert -keystore "C:\Temp\deprule\mycert.jks" -noprompt
      • jarsigner.exe -verbose -keystore "C:\Temp\deprule\mycert.jks" -storepass changeit -storetype pkcs12 "C:\Temp\deprule\DeploymentRuleSet.jar" mycert
      • following it this is my error

        jarsigner error: java.lang.RuntimeException: keystore load: DerInputStream.getLe
        ngth(): lengthTag=109, too big.
Please log in to comment
Answer this question or Comment on this question for clarity