Is it possible to digitally sign a jar file that will be used to install CF in WebSphere?

Similar Messages

• Digitally sign a jar file for distribution?

  I recently got a jar of mine hosted for client use though a web page.
  The problem is that the jar needs to access the internet for several functions. JWS prompts the user for security reasons every time it makes a connection to a new url endpoint. Since one operation alone can hit 56 url's i thought this could be a bit of a hassle to the users.
  The solution, as I understand it to be, is to digitally sign the jar file, so the user is prompted once on download.
  I found a site ascertia which offers free certificates, but for the life of me I canb not get this to work.n I have seen keytool generate numerous errors, none of which mean anything to me. (too long >59, cant read chain from reply, invalid cert)
  Does someone know a clear and thorough tutorial on digital code signing and certs? Or a CA that provides certs for free, and has some instructions to go along?
  Thanks so much.
  The step i have trouble on is turning the CSR into a cert, and importing the returned cert back into the keystore.

  Masterkeedu wrote: !! It worked.
  Congratulations. :-)
  Masterkeedu wrote: So it's not certified, but is signed.
  So as I understand this, it means the end-user has no way to know it was me that truly signed it. But relies on their common sense I suppose.
  That is correct. The CA has verified, and is certifying, that you are who you claim to be. If you or I use a 'self signed' certificate, it does not carry the same level of trust. As you might understand already, the dialogs are different between the two certificate types, and some users cannot accept trusted code from an unverified (self-signed) certificate.
  I have been meaning to write a page on the differences between the two certificates. It is well worth looking into getting a cert. from a CA.
  There was a stage when one of the major CAs were offering 'freemail' certificates that came emblazoned not with your name, but 'free mail' itself. I did not like them because of that, and continue to use a self-signed certificate.

• How can I create a jar file that will run automatically on double click

  all the jars I created run only from the command-line.
  how can I make it run by double-click on it?

  First you will need to associate .jar files with the javaw.exe program in order to just be able to double click on the jar and run it from within a windows explorer application. Next you will need to set the main class attribute of the manifest file. My understanding is that the value of this attribute is used by the launcher to know which class to load. In other words, which is your main application class. To specify this attribute open your manifest file in a text editor. You will find this file located within the jar at META-INF/MANIFEST.MF. Then, add the line,
  "Main-Class:<relative path to the main class>" However, remember not to add the .class extension to the end of the class name.
  In Windows 2000 you can associate jar files with javaw by finding a jar file in Windows Explorer and right clicking it. This will give you a context menu which should have an Open With... option (if you are not using Windows 2000 and don't see the 'open with' menu item, try holding down the shift button while right click on the file). Select the Open With... option, then, when the dialog appears highlight javaw and select the "Always use this program to open these files" checkbox. When you hit the OK button you should have all your jar files associated with the javaw process.
  Once you've done this, you should be able to double click on your jar file and run your application.
  Regards,
  Daniel Walsh

• Can I progamatically sign a jar file?  i.e. w/o jarsigner tool

  Hi,
  I am new to development and am using Ant to build my packages.
  I need to sign the jar files that I produce, and now the only way I know how is with jarsigner.
  I'd like to find a way to do the signing within Ant, but can't find one.
  Is that possible?
  George

  I'm having trouble with the opposite: I'm trying to verify a signed jar programmatically.
  I've already read this article, and thought that I could do similar things in order to verify.
  However, this code uses classes from sun.security.util, and I couldn't find any documentation of this package.
  Any suggestion will be greatly appreciated!

• Is it possible to digitally sign a document in reader for iOS?

  We sign documents using adobe reader 9.3 &amp; std/pro 9.2 0. Can we create a digital signature and sign documents?

  Steve,
  Thanks for your reply.
  I did not think it was possible as yet.  We have many engineers and Pilots
  that wanted to use their iPads to sign documents.  This would eliminate the
  need to go back to their PC.
  I don't expect this feature to be too far in the future.
  Again thanks,
  Michael L. Pope
  Engineering Process Writer II, Dept 0663
  Engineering Operations
  Gulfstream Aerospace Corporation
  Tel. (912) 965-7362  Fax (912) 965-7650
  [email protected]
  This e-mail message, including all attachments, is for the sole use of the
  intended recipient(s) and may contain Personal Information under General
  Dynamics policy CP 07-105 and/or legally privileged and confidential
  information.  Any Personal Information can be accessed only by authorized
  personnel of General Dynamics and its approved service providers and may be
  used only as permitted by General Dynamics and its policies.  Contractual
  restrictions apply to third parties.  If you are not an intended recipient,
  you are hereby notified that you have either received this message in error
  or through interception, and that any review, use, distribution, copying or
  disclosure of this message or its attachments is strictly prohibited and is
  subject to criminal and civil penalties.  All personal messages express
  solely the sender's views and not those of Gulfstream Aerospace
  Corporation.
  If you received this message in error, please contact the sender by reply
  e-mail and destroy all copies of the original message.
                                                                                  From:       Steve Werner <[email protected]>                                                                               
  To:         mpope5 <[email protected]>                                                                               
  Date:       03/05/2013 11:32 AM                                                                               
  Subject:    Is it possible to digitally sign a document in reader for iOS?                                                                               

• Problems Signing a Jar File.

  Hi Everyone
  I'm having problems signing a jar file.
  The applet in the jar file was previously signed by Duke.
  Now I want to re-sign it with my company name.
  So I unzip the jar file. I was careful to remove the manifest and the Duke .sa and .rsa. I re-signed it with the netscape signtool.
  The applet works. It presents the prompt that it is signed by my company. I grant session. Then another prompt appears and it says it is signed by duke.
  but i was careful to remove the duke signature and manifest file when i unzipped it. Is it possible that the fact that it is signed by duke is stored in the bytecode ??
  It is using the <object tag by the way.
  <OBJECT classid="clsid:CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA"
       WIDTH = "100%" HEIGHT = "50" border="0"
       codebase="http://www.homework911.com/java/j2re-1_3_1_02-win.exe#Version=1,3,1,2">
       <PARAM NAME = "CODE" VALUE = "com.s.SApplet"/>
       <PARAM NAME = "CODEBASE" VALUE = "/_phone"/>
       <PARAM NAME = "type" VALUE="application/x-java-applet;version=1.3"/>
  stev

  great suggestion - there are no other signed jar files on the browser for it to access. There is a winzip file but it has no rsa/dsa and signature file in it.
  perhaps it is accessing something else that was signed by duke ?
  Would it be possible for it to connect to a server program that was signed by duke and therefore present the prompt. ?
  I'm trying to get the original unsigned classes and see if i can recompile and sign it just in case then name duke is in byte code.
  any other thoughts as to what this code be ?
  stephen

• Signing a jar file

  Guys, I've googled the crap out of this one. I need some help signing a jar file.
  Here is what I'm doing:
  1. Generating a key:
  keytool -genkey -keystore myKeyStore -alias myName2. Trying to sign the jar file:
  jarsigner -keystore myKeyStore -storepass myPassword -keypass myNamePassword myJar.jar myNameHere is the error I'm getting:
  jarsigner error: java.lang.RuntimeException: keystore load: Invalid keystore formatI'm using Ubuntu Linux.
  I wrote and built my project with Netbeans.
  Any ideas?

  Here is what the latest process looks like. What am I doing wrong?
  thomasaaron@ubuntu:~/Desktop$ keytool -genkey -alias thomasaaron -keystore myKeyStore
  Enter key store password: password1
  Enter key password for <thomasaaron>: password2
  You are about to enter information that will be incorporated into
  your certificate request. This information is what is called a
  Distinguished Name or DN. There are quite a few fields but you
  can use supplied default values, displayed between brackets, by just
  hitting <Enter>, or blank the field by entering the <.> character
  before hitting <Enter>.
  Common Name (hostname, IP, or your name): Thomas Aaron
  Organization Name (company) [The Sample Company]: Tom's Company
  Organizational Unit Name (department, division): Tom's Department
  Locality Name (city, district) [Sydney]: TommyLand
  State or Province Name (full name) [NSW]: Colorado
  Country Name (2 letter code) [AU]: US
  thomasaaron@ubuntu:~/Desktop$
  thomasaaron@ubuntu:~/Desktop$
  thomasaaron@ubuntu:~/Desktop$ jarsigner -storepass password1 -keystore myKeyStore SupportManager.jar thomasaaron
  jarsigner error: java.lang.RuntimeException: keystore load: Invalid keystore format

• How to sign multiple jar files using the same certificate..?

  hi,
  I want to run my application using Java Web Start.. i am using around 16 different jar files out of which around 13 are 3rd party component jars. I want to sign these jars using the same certifcate..., i am using the follwing code to sign the jars:
  (for the jar file ischeduler.jar)
  keytool -genkey -alias signFiles91 -keystore dtss -keypass dtss1351 -dname "cn=dtss" -storepass decisioncraft
  jarsigner -keystore dtss -storepass decisioncraft -keypass dtss1351 -signedjar signedischeduler.jar ischeduler.jar signFiles91
  keytool -export -keystore dtss -storepass decisioncraft -alias signFiles91 -file ischeduler.cer
  keytool -import -alias DCA2 -file ischeduler.cer -keystore Impischeduler -storepass ischeduler
  (for the jar file ischedulerclient.jar)
  keytool -genkey -alias signFiles92 -keystore dtss -keypass dtss1351 -dname "cn=dtss" -storepass decisioncraft
  jarsigner -keystore dtss -storepass decisioncraft -keypass dtss1351 -signedjar signedischedulerclient.jar ischedulerclient.jar signFiles92
  keytool -export -keystore dtss -storepass decisioncraft -alias signFiles92 -file ischeduler.cer
  keytool -import -alias DCA3 -file ischeduler.cer -keystore Impischeduler -storepass ischeduler
  but when i use the above signed jars in my application i get an error saying:
  "jars not signed by the same certificate"
  can someone plz tel me wher is the error....thanx
  andy

  Well for mulitple signing of jar files you can use ANT tool. Its easier and faster.
  Regarding the present problem -- hmm.. well it looks like you are using 2 different alias names for signing the jar file. Try using the same alias name and that might solve your problem.
  regards
  Saby

• Why need to sign the jar files ????

  Hi
  Why does i have to sign the jar files to run my app ??
  are not another away to run the app???

  U just have to sign your jar if your application needs full access to the client-resources.
  http://java.sun.com/products/javawebstart/docs/developersguide.html
  andreas

• Digitally sign multiple pdf files

  How to digitally sign multiple pdf files with adobe acrobat XI?

  Are you trying to apply certificate-based encryption or add a signature to a PDF form field?
  The first one is easy with Acrobat Pro; just create a new Action with the encryption task set to your requirements, then run the Action against a folder of files.

• Is there a way to sign a JAR file programatically?

  Is there a way to sign a JAR file programatically?

  great! can you give me a short code snippet?
  what about signing J2ME MIDlets?

• Webstart : sign a jar file

  I have a desktop app that has to access local data files as well as network database server. At the moment, I have a executable jar file now when I try to run it with Webstart it complains about unsigned jar file asking for full access on a file. what do i need to sign a jar file. the jar file as is will work when someone double clicks the file icon but if the computer is not set up for java to open jar files, most likely if you have winzip , it will open the jar file. So other than the sdk what else do i need
  Thanks in advance

  thanks that was helpfull , but, I found a page on the suns web page which i found using another serch engine . I couldnt find it by searching this website.
  I apprectiat you taking the time, thanks

• Sign a JAR file & PKI card

  Can I use the certificates from my PKI card to sign a JAR file? The certificates are X.509 standard compliant.
  Many thanks!

  On a more serious helpful note... :) Jack up this value in the sign_webutil.bat file... Its defaulted to 360.. I set mine to 5000. Not sure how high it will go...
  REM
  REM Number of days before this certificate expires
  REM
  SET VALIDDAYS=5000
  REM
  REM Signing script starts here...
  REM
  Message was edited by:
  Mark Reichman

• Simply signing a *.jar file make applet able to read Client PC?

  If I simply sign my jar file, which is supposed to open a JFileChooser, and make a default web page that loads the jar as an applet supposed to grant all permisions? I tried this, and the applet pops up the "grant permisions". However the JFileChooser won't pop up?
  what if I put a .policy file online in the same directory, could this help or be modified to?

  Fractalz wrote:
  . . . Now that's the part I have been facing difficulties, cuz I have to include all the classes that the applet is using from other jar
  files. And I can not come up with a way to find out all those classes.See the Class-Path: parameter (of a Manifest file) documentation here:
  http://java.sun.com/javase/6/docs/technotes/guides/jar/jar.html#Manifest-Overview

• Help Signing a JAR File

  I currently have the j2sdk1.4.2_04 and j2re1.4.2_04 installed on my computer along with NetBeans 3.6. Do I need any other tools to be able to sign JAR files? Many websites say that I need "jarsigner" utility bundled along with JDK1.2/1.3 and "keytool" utility bundled along with JDK1.2/1.3. Is this true? Where can I get the appropriate files to download so that I can proceed?

  If you have the j2sdk installed, you already have the jarsigner and keytool utility programs. You don't need any other tools to sign JAR files.
  Instructions for generating keys and signing a jar file can be found from the security tutorial: http://java.sun.com/docs/books/tutorial/security1.2/toolfilex/sender.html