I did it again…I lost my keys!

Every once and a while I need to sign my jar files. Mostly when I start a new project I set this up, and as long as it’s working I never look at it again…until I need to set up a new project, and the googling starts again…So now for once and for all (and more to prevent me googling again and again 😉 ) I document the steps to create, sign and automate the key generation of jar files.

Assuming we have a jar file created (I use an ANT script for this) we first need to create a key store to be able to sign the jar files.

The keytool is included in the JDK, so as long as the pathsettings are correct we can issue the command:

$ keytool -genkey -alias jdc -keyalg RSA -keystore myKeys -keysize 2048 -validity 365
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]:  myName
What is the name of your organizational unit?
[Unknown]:  myProductions
What is the name of your organization?
[Unknown]:  myCompany
What is the name of your City or Locality?
[Unknown]:  myCity
What is the name of your State or Province?
[Unknown]:  myTown
What is the two-letter country code for this unit?
[Unknown]:  US
Is CN=myName, OU=myProductions, O=myCompany, L=myCity, ST=myTown C=US correct?
[no]:  yes

Enter key password for <jdc>
(RETURN if same as keystore password):

Now we have the keystore and a key in it with the alias jdc  (you can make it whatever you like, I like this for no particular reason at all) we can sign our jar file:

$ jarsigner  -keystore myKeys -storepass "secret" myJar.jar jdc

That’s it! No errors? The jar file is signed…but fun as it is, we don’t want to do this the whole time…let’s introduce this to ANT:

Add the following to your build file:

<signjar jar="myJar.jar" alias="jdc" keystore="myKeys" storepass="secret" />

Or we use the long route:

<exec executable="jarsigner">
<arg value="-keystore"/>
<arg value="myKeys"/>
<arg value="-storepass"/>
<arg value="secret"/>
<arg value="myJar.jar"/>
<arg value="jdc"/>

And this is all…If you know the commands, it’s easy..and saves a lot of time better spend coding java to make Oracle do what we want…but that..is another post 😉

Have fun!


About GemsOfProgramming

Beeing a previously enthusiastic Java programmer, I rolled into the Oracle Database Administration world. It turned out I got a knack for this, and since approx. 2000 I'm a full time DBA. My experiences touches lot of Oracle products like Forms and Reports 9/10, JDAPI, Application Server, Weblogic Fusion and of course: Oracle Enterprise Databases, JavaFX, Swing and other Java components.
This entry was posted in Java, Technical Stuff and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s