11.2.09

Signing Jar Files

Compared to most Java programmers, I can still call myself a newbie.

I just learned how to sign Java jars to be able to maximize the potential of applets.

1.) First of all you need to create your keystore. A keystore file (usually named .keystore in your home directory) contains your private and public keys. The .keystore file is stored in a binary JKS (Java Key Store) format, similar to PKCS #12, that holds both public and private keys and is protected by a passphrase. The first four signature bytes of a Sun .keystore file in hex are FEEDFEED (http://mindprod.com/jgloss/keystore.html).

    To create your keystore, you need keytool, which comes with most Java JDKs. At the command line, type something like:

    keytool -genkey -alias alias_to_be_used

    You need to specify alias_to_be_used, as this is the alias you will use for the jarsigner command later.

2.) You can save a copy of your .keystore file if you are going to move to other machines or reformat the machine you are using. You just have to remember to put it back in your home directory.

3.) You can now create your jar file. After that, you can issue the command:

    jarsigner -storepass yourpassword -keypass yourpassword jarfile.jar alias_to_be_used

    You have to specify yourpassword for both the storepass and the keypass, as they could be different passwords (keytool prompts you for each, so you can set them differently). Also don’t forget to replace jarfile.jar with the filename of your jar file and alias_to_be_used with the alias you supplied to keytool.

4.) That’s it, you have a signed jar file.
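To check the results of the steps above without the JDK at hand, here is an added example (not part of the original post, and not JDK code) that parses a JKS keystore to confirm the FEEDFEED magic, list its aliases and check the store passphrase digest, then lists the signature files jarsigner places under META-INF/. The function names are hypothetical; the entry layout and digest construction are those of the Sun JKS format, not something stated in the post.

```python
# Added example: function names are hypothetical, not JDK or keytool APIs.
import hashlib, io, struct, zipfile
JKS_MAGIC = 0xFEEDFEED  # the four signature bytes the post mentions

def _utf(buf):   # Java writeUTF string: 2-byte length, then the bytes
    return buf.read(struct.unpack(">H", buf.read(2))[0]).decode("utf-8")

def _blob(buf):  # 4-byte big-endian length, then the bytes
    return buf.read(struct.unpack(">I", buf.read(4))[0])

def _skip_cert(buf, version):
    if version == 2:
        _utf(buf)   # certificate type string, e.g. "X.509"
    _blob(buf)      # encoded certificate

def jks_entries(data, storepass=None):
    """Map alias -> entry kind; check the integrity digest if storepass is given."""
    buf = io.BytesIO(data)
    magic, version, count = struct.unpack(">III", buf.read(12))
    if magic != JKS_MAGIC or version not in (1, 2):
        raise ValueError("not a JKS keystore")
    entries = {}
    for _ in range(count):
        tag = struct.unpack(">I", buf.read(4))[0]
        alias = _utf(buf)
        buf.read(8)      # creation timestamp
        if tag == 1:     # private key entry with its certificate chain
            _blob(buf)   # encrypted private key (protected by the key password)
            for _ in range(struct.unpack(">I", buf.read(4))[0]):
                _skip_cert(buf, version)
        elif tag == 2:   # trusted certificate entry
            _skip_cert(buf, version)
        else:
            raise ValueError("unknown entry tag %d" % tag)
        entries[alias] = "private key" if tag == 1 else "trusted certificate"
    end = buf.tell()
    if storepass is not None:
        # Keyed SHA-1: password as UTF-16BE + fixed string + keystore body.
        want = hashlib.sha1(storepass.encode("utf-16-be")
                            + b"Mighty Aphrodite" + data[:end]).digest()
        if want != data[end:end + 20]:
            raise ValueError("integrity check failed: wrong password or modified file")
    return entries

def jar_signature_files(jar_bytes):
    """Signature (.SF) and signature-block files found under META-INF/."""
    names = zipfile.ZipFile(io.BytesIO(jar_bytes)).namelist()
    return sorted(n for n in names if n.upper().startswith("META-INF/")
                  and n.upper().endswith((".SF", ".RSA", ".DSA", ".EC")))
```

Pass the file contents as bytes, for example `jks_entries(open(path, "rb").read(), "yourpassword")`; without a passphrase the digest is not checked, so a modified keystore still parses. Finding .SF and signature-block files only shows that the jar was signed, and `jarsigner -verify jarfile.jar` is what actually validates the signatures.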

Enough for now, back to work...