Keytool integration with KSP for Jarsigner

Jarsigner is a command-line tool provided as part of the Java Development Kit (JDK). It is used to digitally sign Java Archive (JAR) files and other related artifacts.

You can manage your cryptographic resources (certificates and keypairs) with Keytool using DigiCert® Software Trust Manager KSP integration.

Prerequisites

Configure KSP library
Install and configure Signing Manager Controller (SMCTL)
Configure your credential for Windows
Install Microsoft JDK 11
Nota
This signing method may not be compatible with other distributions of OpenJDK.

keytool commands (KSP)

You can use keytool with the DigiCert KSP to list keys, generate CSRs, generate certificates, and export certificates.

List keys

To list keypairs with the DigiCert® Software Trust Manager KSP, run:

keytool -keystore NONE -storetype Windows-My -list

Export certificate

To export a certificate with the DigiCert® Software Trust Manager KSP, run:

keytool -keystore NONE -storetype Windows-My -exportcert -file <file_name.cer> -alias <keypair_alias> [-rfc]

Sign with Jarsigner

You can sign directly with Jarsigner or via DigiCert's signing tools integrated with Jarsigner:

ejemplo 1. Sign via DigiCert signing tools

Sign with SMCTL
SMCTL is a command line interface (CLI) that offers simplified signing with Jarsigner.
Sign with DigiCert® Click-to-sign
DigiCert® Click-to-sign is a graphic user interface (GUI) that offers simplified signing with Jarsigner.

ejemplo 2. Sign directly with Jarsigner

En esta sección:

Keytool integration with KSP for Jarsigner

Prerequisites

Nota

keytool commands (KSP)

List keys

Export certificate

Sign with Jarsigner

Related articles

Resultados de la búsqueda