How to use the CMD command to digitally sign the Java jar package ? Let's take a look together. JDK comes with a jar package signing tool jarsigner, which can be used to sign jar packages. This tool requires a keystore file, which can be generated with the keytool tool in the JDK. Why are JARs signed? When a user launches a Java Network Launching Protocol (JNLP, Java Network Launching Protocol) file or uses an applet, the JNLP or applet requests that the system provide more than normal access.
first step:
Install the Java environment: Configure the Java environment tutorial
Step two:
Open the CMD command to generate a keystore named DaYanZai.store, the alias is DaYanZai, enter:
| 1 |
keytool -genkey -keystore DaYanZai.store -alias DaYanZai -validity 55555 |
Password: 123456 (enter by yourself as required) Other options are input as required, and finally confirm: y
Tip: The default period of the certificate is 6 months. In order to make the application not limited by time, the keytool command provides a parameter validity, which can be used to specify the effective date of the signature.
third step:
Export DaYanZai.cer digital certificate
| 1 |
keytool -export -keystore DaYanZai.store -alias DaYanZai -file DaYanZai.cer |
Password: 123456 (enter as needed)
the fourth step:
Sign the Hello.jar file
| 1 |
jarsigner -keystore DaYanZai.store D:\hello.jar DaYanZai |
Now your jar is signed. Running JARsigner -verbose -verify Hello.jar confirms that the jar has been successfully signed, and now you have more control over the security model of your JNLP or applet.