Jars not signed with same certificat

Similar Messages

• JAR resources in JNLP file are not signed by same certificate

  I am running my application under Java Web Start with different jars signed. I following the advances use multiple JAR files in JNLP files below.
  But i message error "+*JAR resources in JNLP file are not signed by same certificate*+" is posted still.
  Could you please help me to solve it?
  Thanks
  Best Regards,
  Tuan Pham
  index.jnlp_
  +<?xml version="1.0" encoding="utf-8"?>+
  +<jnlp spec="1.0+" codebase="http://localhost:8080/quotationsys" href="index.jnlp">
  +<information>+
  +<title>File Viewer</title>+
  +<vendor>IBM developerWorks</vendor>+
  +<homepage href="index.html"/>+
  +<description>File Viewer</description>+
  +<description kind="short">File Viewer</description>+
  +</information>+
  +<security>+
  +<all-permissions/>+
  +</security>+
  +<resources>+
  +<j2se version="1.5.0_*" />+
  +<jar href="quotationsys.jar"/>+
  +<nativelib href="swt-lib.jar"/>+
  +<jar href="swt.jar"/>+
  +<extension href="extlib.jnlp"/>+
  +</resources>+
  +<application-desc main-class="layout.MainMenu"/>+
  +</jnlp>+
  extlib.jnlp_
  +<?xml version="1.0" encoding="utf-8"?>+
  +<jnlp spec="1.0+" codebase="http://localhost:8080/quotationsys" href="index.jnlp">
  +<information>+
  +<title>File Viewer</title>+
  +<vendor>IBM developerWorks</vendor>+
  +<homepage href="index.html"/>+
  +<description>File Viewer</description>+
  +<description kind="short">File Viewer</description>+
  +</information>+
  +<security>+
  +<all-permissions/>+
  +</security>+
  +<resources>+
  <jar href="cvom.jar"/>           
  <jar href="CrystalReportsRuntime.jar"/>
  <jar href="CrystalCommon2.jar"/>
  <jar href="DatabaseConnectors.jar"/>
  <jar href="JDBInterface.jar"/>
  <jar href="keycodeDecoder.jar"/>
  <jar href="pfjgraphics.jar"/>
  <jar href="QueryBuilder.jar"/>
  <jar href="commons-collections-3.1.jar"/>
  <jar href="commons-configuration-1.2.jar"/>
  <jar href="commons-lang-2.1.jar"/>
  <jar href="commons-logging.jar"/>
  <jar href="com.ibm.icu_3.8.1.v20080530.jar"/>
  <jar href="log4j.jar"/>
  <jar href="xpp3.jar"/>
  <jar href="jai_imageio.jar"/>
  <jar href="logging.jar"/>
  <jar href="com.azalea.ufl.barcode.1.0.jar"/>
  +</resources>+
  +<component-desc/>+
  +</jnlp>+
  Edited by: pttuan on Apr 13, 2009 1:55 AM

  Are all of the jars in extlib.jnlp signed by the same cert? I think that the extension mechanism lets you get around having all of the jars for an overall app have the same signer, but I think it's still required that all of the jars within a given jnlp file have to have the same signer. So for you, all the jars in index.jnlp have to be signed by "cert A" and all the jars in extlib.jnlp have to be signed by "cert B". If that's not the case, you may need to split it up into multiple extensions.

• Web Start : JAR resources in JNLP file are not signed by same certificate

  What does this error mean exactly?
  All the jars in this JNLP file are signed by the same certificate it's just that some of them are also signed by another certificate.
  According to this closed/fixed bug : http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4928787
  Web Start should not be rejecting jars due to multiple signers???
  Is this a regression in 1.6? or was this never actually fixed?
  I can make this work by not signing these 'presigned' jars and putting them into extension JNLP files but this is less than desirable.
  Some reasons for not using the extension JNLP:
  -- Avoid this bug (which is also marked closed but not fixed) --> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6566071
  -- I would like to sign all the jars I deliver with my own certificate.
  -- I would also like to give my clients the ability so sign the jars themselves (their own certificate) after they certify the application for distribution throughout their organization.

  Thanks for responding.
  Here is an example that will show the problem. If you want to try yourself:
  NanoHTTPD.java is from here -> [http://elonen.iki.fi/code/nanohttpd/|http://elonen.iki.fi/code/nanohttpd/]
  C:\test>java -version
  java version "1.6.0_03"
  Java(TM) SE Runtime Environment (build 1.6.0_03-b05)
  Java HotSpot(TM) Client VM (build 1.6.0_03-b05, mixed mode)
  C:\test>dir
  Volume in drive C has no label.
  Volume Serial Number is CCC7-E05D
  Directory of C:\test
  04/10/2008  12:34 PM    <DIR>          .
  04/10/2008  12:34 PM    <DIR>          ..
  04/10/2008  11:04 AM               130 hello.java
  04/10/2008  11:30 AM               500 hello.jnlp
  04/10/2008  11:06 AM                89 hellohelper.java
  04/10/2008  09:52 AM            20,547 NanoHTTPD.java
                 4 File(s)         21,266 bytes
                 2 Dir(s)  26,292,060,160 bytes free
  C:\test>type hello.java
  public class hello
  public static void main(String[] args)
  System.out.printf("Hello %s\n",hellohelper.getString());
  C:\test>type hellohelper.java
  public class hellohelper
  public static String getString()
  return "World";
  C:\test>type hello.jnlp
  <?xml version="1.0" encoding="utf-8"?>
  <jnlp spec="1.0+" codebase="http://localhost/" href="" >
      <information>
          <title>hello</title>
          <vendor>hello</vendor>
          <description>hello</description>
      </information>
      <security>
          <all-permissions/>
      </security>
      <resources>
          <j2se version="1.6" />
          <jar href="hello.jar"/>
          <jar href="hellohelper.jar"/>
      </resources>
      <application-desc main-class="hello"/>
  </jnlp>
  C:\test>javac *.java
  Note: NanoHTTPD.java uses or overrides a deprecated API.
  Note: Recompile with -Xlint:deprecation for details.
  Note: NanoHTTPD.java uses unchecked or unsafe operations.
  Note: Recompile with -Xlint:unchecked for details.
  C:\test>jar cvf hello.jar hello.class
  added manifest
  adding: hello.class(in = 524) (out= 332)(deflated 36%)
  C:\test>jar cvf hellohelper.jar hellohelper.class
  added manifest
  adding: hellohelper.class(in = 283) (out= 212)(deflated 25%)
  C:\test>keytool.exe -genkey -alias hello1 -keystore hello1keys.jks -dname cn=hello1 -storepass hello1 -keypass hello1
  C:\test>keytool.exe -genkey -alias hello2 -keystore hello2keys.jks -dname cn=hello2 -storepass hello2 -keypass hello2
  C:\test>jarsigner -keystore hello1keys.jks -keypass hello1 -storepass hello1 hellohelper.jar hello1
  Warning:
  The signer certificate will expire within six months.
  C:\test>jarsigner -keystore hello1keys.jks -keypass hello1 -storepass hello1 hello.jar hello1
  Warning:
  The signer certificate will expire within six months.
  C:\test>start java -cp . NanoHTTPD
  C:\test>javaws hello.jnlpAt this point click accept to trust the code and the program runs. Here is the console output:
  Java Web Start 1.6.0_03
  Using JRE version 1.6.0_03 Java HotSpot(TM) Client VM
  User home directory = C:\Documents and Settings\4381
  c:   clear console window
  f:   finalize objects on finalization queue
  g:   garbage collect
  h:   display this help message
  m:   print memory usage
  o:   trigger logging
  p:   reload proxy configuration
  q:   hide console
  r:   reload policy configuration
  s:   dump system and deployment properties
  t:   dump thread list
  v:   dump thread stack
  0-5: set trace level to <n>
  Hello WorldNow for second signature, and run again:
  C:\test>jarsigner -keystore hello2keys.jks -keypass hello2 -storepass hello2 hellohelper.jar hello2
  Warning:
  The signer certificate will expire within six months.
  C:\test>javaws hello.jnlpThis time it fails. Console output:
  Java Web Start 1.6.0_03
  Using JRE version 1.6.0_03 Java HotSpot(TM) Client VM
  User home directory = C:\Documents and Settings\4381
  c:   clear console window
  f:   finalize objects on finalization queue
  g:   garbage collect
  h:   display this help message
  m:   print memory usage
  o:   trigger logging
  p:   reload proxy configuration
  q:   hide console
  r:   reload policy configuration
  s:   dump system and deployment properties
  t:   dump thread list
  v:   dump thread stack
  0-5: set trace level to <n>
  #### Java Web Start Error:
  #### JAR resources in JNLP file are not signed by same certificateTo verify jars:
  C:\test>jarsigner -verify -verbose -certs hello.jar
           135 Thu Apr 10 12:39:26 CDT 2008 META-INF/MANIFEST.MF
           256 Thu Apr 10 12:39:26 CDT 2008 META-INF/HELLO1.SF
           770 Thu Apr 10 12:39:26 CDT 2008 META-INF/HELLO1.DSA
             0 Thu Apr 10 12:37:36 CDT 2008 META-INF/
  sm       524 Thu Apr 10 12:37:04 CDT 2008 hello.class
        X.509, CN=hello1
        [certificate will expire on 7/9/08 12:38 PM]
    s = signature was verified
    m = entry is listed in manifest
    k = at least one certificate was found in keystore
    i = at least one certificate was found in identity scope
  jar verified.
  Warning:
  This jar contains entries whose signer certificate will expire within six months.
  C:\test>jarsigner -verify -verbose -certs hellohelper.jar
           141 Thu Apr 10 12:38:56 CDT 2008 META-INF/MANIFEST.MF
           262 Thu Apr 10 12:41:30 CDT 2008 META-INF/HELLO2.SF
           770 Thu Apr 10 12:41:30 CDT 2008 META-INF/HELLO2.DSA
           262 Thu Apr 10 12:38:56 CDT 2008 META-INF/HELLO1.SF
           770 Thu Apr 10 12:38:56 CDT 2008 META-INF/HELLO1.DSA
             0 Thu Apr 10 12:37:44 CDT 2008 META-INF/
  sm       283 Thu Apr 10 12:37:04 CDT 2008 hellohelper.class
        X.509, CN=hello2
        [certificate will expire on 7/9/08 12:38 PM]
        X.509, CN=hello1
        [certificate will expire on 7/9/08 12:38 PM]
    s = signature was verified
    m = entry is listed in manifest
    k = at least one certificate was found in keystore
    i = at least one certificate was found in identity scope
  jar verified.
  Warning:
  This jar contains entries whose signer certificate will expire within six months.Why does javaws say: "JAR resources in JNLP file are not signed by same certificate" when clearly they are both signed by the same certificate (the one aliased by CN=hello1)?

• Frequent - "JAR resources in JNLP file are not signed by same certificate"

  Hi Experts,
  I am not able to open ESR and ID. I am facing "JAR resources in JNLP file are not signed by same certificate" issue. I have gone through SDN forums and solved this issue by deleting the javaws cache and clicking on Restore Archives and Generate New Signature button in the Administrator -> "Java Web Start Administration".
  But my issue is...I have to do this every time when I log into the system. I am using J2SE Development Kit 5.0 and J2SE Runtime Environment Kit 5.0.
  Also it is taking around 5 minutes to open ESR.
  Thanks,
  Phani Akella.

  Hi,
  I have downloaded Jdk6.0 and jre 6.0 and installed it in my system. I am not able to start java webstart using the command javaws in cmd. Any suggestions?  I have un-installed jdk 6.0 and installed jdk and jre 5.0. Now I am facing below issues.
  I am able to log into ID but not ESR. Screenshot shows only 9112 kb of files are downloaded for ESR.
  [ESR Issues|http://www.flickr.com/photos/49754947@N07/?s]

• How to sign multiple jar files using the same certificate..?

  hi,
  I want to run my application using Java Web Start.. i am using around 16 different jar files out of which around 13 are 3rd party component jars. I want to sign these jars using the same certifcate..., i am using the follwing code to sign the jars:
  (for the jar file ischeduler.jar)
  keytool -genkey -alias signFiles91 -keystore dtss -keypass dtss1351 -dname "cn=dtss" -storepass decisioncraft
  jarsigner -keystore dtss -storepass decisioncraft -keypass dtss1351 -signedjar signedischeduler.jar ischeduler.jar signFiles91
  keytool -export -keystore dtss -storepass decisioncraft -alias signFiles91 -file ischeduler.cer
  keytool -import -alias DCA2 -file ischeduler.cer -keystore Impischeduler -storepass ischeduler
  (for the jar file ischedulerclient.jar)
  keytool -genkey -alias signFiles92 -keystore dtss -keypass dtss1351 -dname "cn=dtss" -storepass decisioncraft
  jarsigner -keystore dtss -storepass decisioncraft -keypass dtss1351 -signedjar signedischedulerclient.jar ischedulerclient.jar signFiles92
  keytool -export -keystore dtss -storepass decisioncraft -alias signFiles92 -file ischeduler.cer
  keytool -import -alias DCA3 -file ischeduler.cer -keystore Impischeduler -storepass ischeduler
  but when i use the above signed jars in my application i get an error saying:
  "jars not signed by the same certificate"
  can someone plz tel me wher is the error....thanx
  andy

  Well for mulitple signing of jar files you can use ANT tool. Its easier and faster.
  Regarding the present problem -- hmm.. well it looks like you are using 2 different alias names for signing the jar file. Try using the same alias name and that might solve your problem.
  regards
  Saby

• Not signed with apple submission certificate

  Hello,
  I am getting the error like missing or invalid signature.the bundle 'com.companyname.appname' at bundle path 'appname.app' is not signed with apple submission certificate
  Please let me know why i am getting this error...I am sure about my provisioning profile it's correct...Please help me
  Thank You

  Hi, I am having the same issue, can someone help? It is the first time I'm trying to upload to iTunes Connect. My app is running fine on my test iPhone device, my project is currently set to use the developer certificate. I realize I probably need to change that, but I didn't find instructions that work.
  thanks

• Jars can't be signed with different certificates---even by Sun?

  I am deploying an application which uses the following jar files:
  com.example.application.jar
  com.example.support.jar
  javax.activation.jar
  javax.mail.jar
  The latter two are jars signed from Sun, yet JWS complains that the jars have been signed with different certificates. I'm forced to unpack the Sun jars and repackage them,signing them with my own certificate.
  Isn't this a little restrictive? Shouldn't jars signed by Sun be exceptions to the "all jars signed by the same certificate" requirement?
  Garret

  Thanks! The JNLP 1.5 MR specification is a bit opaque about exactly how to do this, but the following site has an example that helped:
  http://java.sun.com/j2se/1.5.0/docs/guide/javaws/developersguide/faq.html
  The example didn't mention whether I can request all permissions for the component extension, but I suppose I can. Nothing seems to indicate whether I can have component extensions reference other component extensions (JavaMail requires JAF, for example), but it seems to work.
  By requesting full permissions for the component extensions, though, I now get two dialogs presented to the user, the first asking if my application should be trusted, and the second asking if Sun Microsystems should be trusted.
  If I remove all-permissions from the JavaMail component extension, yet request it for the main application (thereby only presenting the user with one confirmation dialog), will I still be able to perform restricted functionality using JavaMail, such as connecting to remote servers?
  Here's what I'm now using, in hopes that it benefits someone else. The main JNLP:
       <resources>
            <jar href="com.example.jar"/>
            <extension name="JavaMail" href="javax.mail.jnlp"/>
       </resources>
  ...javax.mail.jnlp:
  <?xml version="1.0" encoding="UTF-8"?>
  <jnlp spec="1.0+" codebase="http://localhost:8080/" href="javax.mail.jnlp">
       <information>
            <title>JavaMail</title>
            <vendor>Sun Microsystems, Inc.</vendor>
            <description>JavaMail API.</description>
            <homepage href="http://java.sun.com/products/javamail/"/>
       </information>
       <security>
            <all-permissions/>
       </security>
       <resources>
            <jar href="javax.mail.jar"/>
            <extension name="JAF" href="javax.activation.jnlp"/>
       </resources>
       <component-desc/>
  </jnlp>javax.activation.jnlp:
  <?xml version="1.0" encoding="UTF-8"?>
  <jnlp spec="1.0+" codebase="http://localhost:8080/" href="javax.activation.jnlp">
       <information>
            <title>JAF</title>
            <vendor>Sun Microsystems, Inc.</vendor>
            <description>JavaBeans Activation Framework extension.</description>
            <homepage href="http://java.sun.com/products/javabeans/glasgow/jaf.html"/>
       </information>
       <security>
            <all-permissions/>
       </security>
       <resources>
            <jar href="lib/javax.activation.jar"/>
       </resources>
       <component-desc/>
  </jnlp>Garret

• Application failed codesign verification. The signature was invalid, or was not signed with an Apple

  Folks ,
  I'm developing and iOS app in Flash but when I'm gonna upload it via application loader this error pop up "Application failed codesign verification. The signature was invalid, or was not signed with an Apple submission certificate."
  I've renew my certificates, etc for several times but still have a same problem,
  look to get your suggestion

  Follow the walk-thru and links in TN 2250 (recently updated) and TN 2294 Code Validation and Submission Issues for iOS (recently added) and iTunes Connect Help (new).

• Able to install the .ipa signed with distribution certificate using iTunes on MacBook Pro. where as the when tried to install using iTune on PC is causing a problem

  Able to install the .ipa signed with distribution certificate using iTunes on MacBook Pro. where as the when tried to install using iTune on PC is causing a problem

  The sound input going to the mic is not going to pipe through the speakers like that.  It doesn't do it because it would cause a feedback loop on itself.  The mic input will take sound and output it to a program or to another pathway (like a VoIP or Facetime call, etc.) but it won't behave like a Karaoke machine if that's what you're thinking.

• What does this mean and how do I fix it? Error ITMS-9000 "Invalid Code Signing The executable ´viwer.app/ viewer´ must be signed with the certificate that is contained in the provisioning profile"

  What does this mean and how do I fix it? Error ITMS-9000 "Invalid Code Signing The executable ´viwer.app/ viewer´ must be signed with the certificate that is contained in the provisioning profile"

  If you had Firefox save your Yahoo password, first try deleting that here:
  orange Firefox button ''or'' classic Tools menu > Options > Security > "Saved Passwords"
  The "signed out" message seems to be related to how Yahoo authenticates you. Some users have reported that disabling automatic proxy detection solves the problem, and it also resolves an issue of getting logged out every few minutes, if you have ever experienced that.
  To make the change:
  orange Firefox button ''or'' classic Tools menu > Options > Advanced
  On the "Network" mini-tab, click the "Settings" button, then choose "No Proxy" and OK your way back out.
  If your work connection requires you to use a proxy server, try the "Use system settings" option instead.
  Does that help?

• Jars signed with revoked certificate

  Hello,
  I have a situation here where i have jars and wars which were signed using jarsigner. The certificate used to sign the jars is now revoked.
  When java runtime loads these jars, it does not throw any errors/exceptions. Is it the right behavior ?
  Is there any way by which I can configure java runtime to contact the CRL and to throw an error while the jar is loaded. The certificate has information
  about CRL distribution point and also has authorityinfo access details. I tried configuring OCSP in java.security file. But still no luck.
  Any information on this will be helpful.
  Thanks in advance

  Hello EJP,
  Thanks for replying.
  Yes the certificate was valid when the jar was signed. Please note that, there was no timestamp put in the signature.
  So now after the certificate has been revoked, if Java runtime tries to load that jar, isn't it the responsibility of Java runtime to make use of the CRL/OCSP information
  of the public key certificate (present in the jar put by the jarsigner when signing) and validate it for revocation ? (Also, in this scenario, what happens if OCSP is enabled in java.security ?) -OR--- Is it the responsibility of the code that makes use of the jar, to verify whether the certificate used for jar signing has been revoked or not ?
  PS:- I have enabled the security settings in java control panel for certificate revocation checking.
  Please let me know if I am wrong or if I am missing something.
  Also i noticed something with jarsigner. In a signed jar, If i delete a few files and then verify its signature using jarsigner, "jar verified" is returned as result. Isn't the jar tampered when I delete a few files from it ? and hence the Hash of its data changes ? and hence verification should fail ?
  One more question, in case of signed applets, if the certificate is revoked, as soon as the browser tries loading the applet, it throws an error saying certificate that was used for signing has been revoked. (provided browser settings and java control panel settings are all properly set). Is this check initiated by the browser OR Java runtime ?
  Thanks a lot

• Signing with p12 certificate from client

  Hy there
  Our client provided us with a p12 format certificate and a password for signing AIR Applications.
  When I tried to sign the application in question with the certificate I got the following Error:
  Unable to build a valid certificate chain for the signer.
  What would google do in this situation?
  According to http://www.globalsign.com/support/root-certificate/osroot.php I did the following:
  Install the certificate in Internetexplorer
  Install the GlobalSign ObjectSign CA in Firefox
  Export a new p12 certificate from firefox
  Sign the application again with the new p12 certificate
  Still getting the same error!
  Install the new p12 certificate in Internetexplorer
  Again exporting the cert in Firefox
  and so on...
  No matter what I tried I still got the same error. I am now wondering whether our client needs to sign the application, but this does not seem to make sense since I have a p12 certificate and a password...
  I really would appreciate any help on this matter.
  Kind regards

  According to tzengs suggestion I tried to export the certificate again from firefox using "backup all" instead of "backup" with no effect.
  One thing which I am still not sure of:
  Can my client give me a p12 certificate which I can use as it is to sign my application using the provided password or do I have to process this certificate first?
  Depending on the answer to this question I need to take different action:
  YES: I need to tell my client to export the certificate in a different manner in order to "create the complete chain"
  NO: The certificate from my client is fine but I still need to figure out how to change the certificate so that I don't get the error.
  Thanks for your help.

• J2ee.jar not compatible with Tomcat 4.1.18 - HELP

  I am attempting to generate my first web page using EJBs. I have ran into a snag. It seems that Tomcat 4.1.18 is not compatable with j2sdkee1.4. I have tried using j2sdkee1.3.1 and got the same problem.
  Ant builds the project just fine therefore I believe this to be a configuration problem - but can not find it. HELP
  *** Below is the out put from Tomcat when he is starting up....
  Feb 3, 2003 11:50:31 AM org.apache.commons.modeler.Registry loadRegistry
  INFO: Loading registry information
  Feb 3, 2003 11:50:32 AM org.apache.commons.modeler.Registry getRegistry
  INFO: Creating new Registry instance
  Feb 3, 2003 11:50:32 AM org.apache.commons.modeler.Registry getServer
  INFO: Creating MBeanServer
  Feb 3, 2003 11:50:33 AM org.apache.coyote.http11.Http11Protocol init
  INFO: Initializing Coyote HTTP/1.1 on port 8181
  Starting service Tomcat-Standalone
  ********** Probjem with Jar ************
  Apache Tomcat/4.1.18
  WebappClassLoader: validateJarFile(C:\Program Files\Apache Group\Tomcat 4.1\weba
  pps\JobEntry\WEB-INF\lib\j2ee.jar) - jar not loaded. See Servlet Spec 2.3, secti
  on 9.7.2. Offending class: javax/servlet/Servlet.class
  *** Below is the compiler output
  org.apache.jasper.JasperException: Unable to compile class for JSP
  An error occurred at line: -1 in the jsp file: null
  Generated servlet error:
  [javac] Compiling 1 source file
  C:\Program Files\Apache Group\Tomcat 4.1\work\Standalone\localhost\JobEntry\index_jsp.java:9: package javax.ejb does not exist
  import javax.ejb.*;
  ^
  C:\Program Files\Apache Group\Tomcat 4.1\work\Standalone\localhost\JobEntry\index_jsp.java:23: cannot resolve symbol
  symbol : method InitialContext ()
  location: class org.apache.jsp.index_jsp
  InitialContext initial = InitialContext();
  ^
  C:\Program Files\Apache Group\Tomcat 4.1\work\Standalone\localhost\JobEntry\index_jsp.java:25: cannot access javax.ejb.EJBObject
  file javax\ejb\EJBObject.class not found
  siteList = (JobEntry.SiteList) PortableRemoteObject.narrow(objectRef, SiteList.class);
  ^
  C:\Program Files\Apache Group\Tomcat 4.1\work\Standalone\localhost\JobEntry\index_jsp.java:26: cannot resolve symbol
  symbol : variable siteListHome
  location: class org.apache.jsp.index_jsp
  mySiteList = siteListHome.create();
  ^
  4 errors

  You should not add j2ee.jar to the WEB-INF folder. I think you should move it to "C:\Program Files\Apache Group\Tomcat 4.1\lib\j2ee.jar".
  Also, it might help to read section 9.7.2 in the servlet 2.3 specification (as stated in the error). You can download the spec here: http://www.jcp.org/aboutJava/communityprocess/final/jsr053/

• Signing with Code Certificate from COMODO ?

  Hi,
  does anyone have some experience with a Code Signing Certificate from COMODO ?
  I exported the certificate from Chrome or IE and tried the signing for a ja file,
  but get:
  jar signed.
  Warning:
  The signer's certificate chain is not validated.
  Can anyone help me ?
  Many thanks.

  According to tzengs suggestion I tried to export the certificate again from firefox using "backup all" instead of "backup" with no effect.
  One thing which I am still not sure of:
  Can my client give me a p12 certificate which I can use as it is to sign my application using the provided password or do I have to process this certificate first?
  Depending on the answer to this question I need to take different action:
  YES: I need to tell my client to export the certificate in a different manner in order to "create the complete chain"
  NO: The certificate from my client is fine but I still need to figure out how to change the certificate so that I don't get the error.
  Thanks for your help.

• Sharing Apps Not Contacts with Same Apple ID

  Can I share apps but not contacts using the same Apple ID? My contacts and iMessages appear on my son's iPod which is not ideal.

  Go to Settings > iTunes & App Stores. Touch the Apple ID and select Sign Out. Sign in with the Apple ID you want.