How to use pem file to sign jar?

Question

I just got my Code Signing Certificate from CERTUM. It contains *.pem (text file) and *.cer (binary file). I want to sign now my jar file. I am absolutely new in code signing. I found that I should to use jarsigner, but I don't know how I can use my *.pem file now. All examples which I've found is about using another types of file.

Can you provide me step-by-step description of how I can sign my jar by pem file? Thanks a lot.

Answer 1

• it may be necessary to convert the *.pem files with openssl. if that's true, look up the manpage of openssl.

• then proceed by creating a keystore with the keytool command that comes with java, IIRC

• after creating the keystore sign the aforementioned jar-file with the command jarsigner

• check if everything worked as expected by inspecting the contents of the signed jar-file via: jar -xvf $jar-file; cd META-INF; cat MANIFEST* *.RSA *.SF or alternatively via jarsigner -verbose -verify -certs $path/to/jar-file

huh, that was step-by-step, but quite terse. but it should get you going (in the right direction...)