AppletTalk.com Java discussions newsgroups   Archives   FAQ   Search   Memberlist   Usergroups   Register   Profile   Log in to check your private messages   Log in  need to auotmate applet signing through build script          AppletTalk.com Forum Index -> Security and Java View previous topic :: View next topic   Author Message turbo_vee@yahoo.com Guest Posted: Tue Feb 22, 2005 5:07 pm    Post subject: need to auotmate applet signing through build script I received a certificate issued by Verisign and imported in my Keystore and I can successfully sign the applet. But I *also* need to be able to export the certificate to a file so that it can be integrated with the build process. I am unable to do that. Here is the directive I use in my ant build scripts. <signjar sectionsonly="true" storepass="passowrd" keypass="keypassword" storetype="jks" jar="${FEA}" alias="certificate alias name"/> This command works only from my machine. but I need to be able to allow different developers and build engineers to build and sign the applet. I am not sure what value should i be using for keystore="" attribute. I tried giving it a certificate file name but that wont work. any help will be greatly appreciated. Back to top Chris Guest Posted: Wed Mar 16, 2005 6:39 am    Post subject: Re: need to auotmate applet signing through build script -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [email]turbo_vee (AT) yahoo (DOT) com[/email] wrote: Quote: I received a certificate issued by Verisign and imported in my Keystore and I can successfully sign the applet. But I *also* need to be able to export the certificate to a file so that it can be integrated with the build process. I am unable to do that. Here is the directive I use in my ant build scripts. signjar sectionsonly="true" storepass="passowrd" keypass="keypassword" storetype="jks" jar="${FEA}" alias="certificate alias name"/ This command works only from my machine. but I need to be able to allow different developers and build engineers to build and sign the applet. I am not sure what value should i be using for keystore="" attribute. I tried giving it a certificate file name but that wont work. any help will be greatly appreciated. Hello, You need to export both the key and the certificate, not just the certificate. It turns out there is actually no way to export a key from a keystore using the keytool program. If you've got the time/knowledge/inclination, you can write a quick Java program that'll open the keystore, pull the key, and save it to a file. You might also be able to find such a program on Google. I think you would need a companion program for your colleagues to run to import the key into their keystores, after which the certificate could be imported via keytool. Chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFCN9SlgxSrXuMbw1YRAlM3AJ4p+oImcdtAr9iAe62/xZqjN6mtjQCg+cwS GBtkKzt0FgT6S0XvZSddnLw= =o0vI -----END PGP SIGNATURE----- Back to top Michel Gallant Guest Posted: Wed Mar 16, 2005 1:12 pm    Post subject: Re: need to auotmate applet signing through build script Some related info on this is how to extract the certificate and private key from JSK keystore, into standard pkcs#12 format: http://www.jensign.com/JavaScience/Thawte (3rd Party Solutions paragraph). - Mitch Gallant JavaScience Consulting "Chris" <chris2k01 (AT) hotmail (DOT) com> wrote Quote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [email]turbo_vee (AT) yahoo (DOT) com[/email] wrote: I received a certificate issued by Verisign and imported in my Keystore and I can successfully sign the applet. But I *also* need to be able to export the certificate to a file so that it can be integrated with the build process. I am unable to do that. Here is the directive I use in my ant build scripts. signjar sectionsonly="true" storepass="passowrd" keypass="keypassword" storetype="jks" jar="${FEA}" alias="certificate alias name"/ This command works only from my machine. but I need to be able to allow different developers and build engineers to build and sign the applet. I am not sure what value should i be using for keystore="" attribute. I tried giving it a certificate file name but that wont work. any help will be greatly appreciated. Hello, You need to export both the key and the certificate, not just the certificate. It turns out there is actually no way to export a key from a keystore using the keytool program. If you've got the time/knowledge/inclination, you can write a quick Java program that'll open the keystore, pull the key, and save it to a file. You might also be able to find such a program on Google. I think you would need a companion program for your colleagues to run to import the key into their keystores, after which the certificate could be imported via keytool. Chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFCN9SlgxSrXuMbw1YRAlM3AJ4p+oImcdtAr9iAe62/xZqjN6mtjQCg+cwS GBtkKzt0FgT6S0XvZSddnLw= =o0vI -----END PGP SIGNATURE----- Back to top Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First         AppletTalk.com Forum Index -> Security and Java All times are GMT Page 1 of 1   Jump to: Select a forum Java Newsgroups----------------Java DiscussionsWeb-based java games comp.lang.java 3D Graphics API's for Java Java: Support and criticism Java System Announcements comp.lang.java.api JavaBeans Java and CORBA Java and Databases comp.lang.java.developer Java GUI Toolkits Java Help comp.lang.java.javascript JVM, native methods and hardware comp.lang.java.misc Java Language Programming Security and Java comp.lang.java.setup Java Software Tools comp.lang.java.tech ibm.software.java.linux  Non-English Java Newsgroups----------------Java Language (German)Language Java (Français)Java (Italian)  You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum Powered by phpBB © 2001, 2006 phpBB Group SEO toolkit © 2004-2006 webmedic.