• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Junilu Lacar
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Knute Snortum
  • Tim Cooke
  • Devaka Cooray
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Ganesh Patekar

self signing a certificate for jar file

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I am having trouble facing generating a self signed certificate for a jar file. I also want to know how to set validity of the certificate for less than 1 day. Someone please reply with steps to solve my problem. Thank you.
 
Saloon Keeper
Posts: 5801
146
Android Mac OS X Firefox Browser VI Editor Tomcat Server Safari
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What have you tried, and how did that not work?

Java comes with the "keytool" utility for generating certificates, for which there are lots of tutorials out there on the web.
 
Akhil Surya A
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I tried generating a certificate by setting validity as 1 day,even after that day the signed jar works.
keytool -genkeypair -dname "cn=Sachin Tendulkar, ou=Techtips, o=SevenMountz, c=US" -alias selfsigned -keypass welcome -keystore selfsignedstore.jks -storepass welcome -validity 1
this was the example I tried.and signed by following code.
jarsigner -keystore selfsignedstore.jks myapplication.jar selfsigned
 
Tim Moores
Saloon Keeper
Posts: 5801
146
Android Mac OS X Firefox Browser VI Editor Tomcat Server Safari
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

even after that day the signed jar works.


How are you using the jar so that you can reasonably expect it not to work?
 
Akhil Surya A
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I was trying to set an expiry date on that file using self signed certificate. I set as 1 so that I can understand whether it worked or not.
 
Tim Moores
Saloon Keeper
Posts: 5801
146
Android Mac OS X Firefox Browser VI Editor Tomcat Server Safari
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I was trying to set an expiry date on that file using self signed certificate.


Being signed with an expired certificate does not mean that the jar file will somehow cease to work. Hence my question:

How are you using the jar so that you can reasonably expect it not to work?


If you are expecting the JRE not to execute code in a jar file signed with an invalid certificate, that's not how certificates work. You will need a SecurityManager in place that checks for that. I'm not sure if the JRE's standard SecurityManager enforces this, but you can check by running the JVM via "java -Djava.security.manager ...". If that still works, you will need to write your own security manager that enforces this.
 
Akhil Surya A
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
for your question, I was trying to figure out how the certificate expiration works out.
thank you for helping me out.
 
This. Exactly this. This is what my therapist has been talking about. And now with a tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!