Signing Properties: Fx Build Configuration
https://stackoverflow.com/questions/11383992
-
19-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
In Eclipse EE 3.7, I've installed the JavaFX SDK and created a JavaFX Project. When I open the build.fxbuild file and select the Build Properties tab, there's a section titled Signing Properties. And it asks for the following information,
- Keystore
- Store-Password
- Alias
- Key-Password
For the Keystore field, it provides options for browsing the filesystem and workspace, but I don't know where to locate the keystore. Can anybody help me figure out how to do information signing via an Fx Build Configuration file?
La solution
For many applications (for example a standalone application), code signing is simply not required - it can introduce complications and can degrade performance and user experience. Code signing is only required for WebStart and Browser Embedded applications which require resources outside of the Java sandbox. If you are certain you actually need to sign your application, then continue reading.
Here are the steps to create your own keystore for signing using the java keytool. For test purposes you can generate your own self signed certificates. For a real application deployed to the general public which minimizes security warnings, it is best to purchase a code signing certificate.
An example commmand line for creating a keystore to be used for code signing is:
keytool -genkey -alias signFiles -keystore examplestore
You will be prompted to enter passwords for the key and keystore.
The JavaFX deployment packaging documentation has information on how to sign applications via the standard JavaFX SDK. You could just follow that description and sign your jars using, for instance, the JavaFX ant tasks.
However, it would seem that Eclipse has some inbuilt functionality for doing the signing. If you want to take advantage of that, follow the instructions above to create your keystore. After you have an appropriate keystore, enter the values used in creating the keystore into the appropriate fields for the Eclipse IDE to perform the signing.
Matching the fields up with the example command line for keystore generation I provided earlier.
Keystore - file location of the keystore containing your signing key: examplestore
Store-Password - password you assigned to access the keystore
Alias - friendly name to refer to the key: signFiles
Key-Password - password you assigned to access the key in the keystore
Although there is a default keystore provided in the Java JDK installation directory, this is not usually the same keystore which would be associated with your own signing keys and certificate. The keystore provided with the JDK is primarily used to store certificates for certificate authorities used in validating SSL connections. As the java keystores produced by a given jdk vendor follow one generic format, you could also use it for storing signing keys and certificates. However, I would not advise this and would instead advise creating and using your own keystore. Generally you want to keep the keystore containing your code signing keys separate from other information, backed up and very secure.
