How do I sign a JAR file with a code-signing certificate?

Problem

How do I sign a JAR file with a code-signing certificate?

Solution

To sign a JAR file, you can use the JarSigner tool included with the Java Development Kit (JDK). This Knowledge Base article will guide you through the process. Note: The file names and the alias in the commands below are variables and may change according to your environment.

To verify the PKCS#12 file (*.p12 or *.pfx), run the following command:

keytool -list -v -storetype pkcs12 -keystore mycertificate.p12

In the output, you will see an Alias name.  The Alias name is usually the string up to the first comma before the date. Copy this Alias name.

When your PKCS#12 file is verified, run the following command to sign the JAR file:

jarsigner -storetype pkcs12 -keystore mycertificate.p12 file.jar "alias"

Note: Replace the alias with the name of the alias from the keytool -list -v command above.

Your JAR file has been signed.  To verify the signature of the JAR file, use the following command:

jarsigner -verify file.jar
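
The three steps above combined into one script, added here as an example (it is not part of the original article): it reads the alias from the keystore, signs the JAR, then verifies it and fails on the first error. The function names and the STOREPASS and JAR_VERIFY_OPTS variables are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example: sign a JAR from a PKCS#12 keystore and fail closed.
# Assumption: the keystore password is exported as STOREPASS, so it does not
# appear on the command line or in the shell history.

# Print the alias of the first private-key entry. keytool's short listing
# prints one "alias, date, PrivateKeyEntry," line per key entry, so the alias
# is the text before the first comma.
p12_alias() {
  LC_ALL=C keytool -list -storetype pkcs12 -keystore "$1" \
      -storepass:env STOREPASS |
    awk -F', ' '/PrivateKeyEntry/ { print $1; exit }'
}

# usage: sign_jar keystore.p12 file.jar
# JAR_VERIFY_OPTS (name assumed for this example) defaults to -strict, which
# makes jarsigner's exit status reflect the severe warnings it found.
sign_jar() {
  local ks=$1 jar=$2 key_alias
  key_alias=$(p12_alias "$ks")
  if [ -z "$key_alias" ]; then
    echo "no private-key entry found in $ks" >&2
    return 1
  fi
  jarsigner -storetype pkcs12 -keystore "$ks" -storepass:env STOREPASS \
      "$jar" "$key_alias" || return 1
  # Left unquoted on purpose so several options can be passed.
  jarsigner -verify ${JAR_VERIFY_OPTS--strict} "$jar"
}
```

Setting JAR_VERIFY_OPTS to an empty string falls back to the plain jarsigner -verify shown in the article.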