Locate the eToken library file (libeTPkcs11.so) using the terminal command: find / -name libeTPkcs11.so
Take note of the result as you will need this later. example: /usr/lib64/libeTPkcs11.so
Locate the JarSigner file (JarSigner) using the terminal command: find /-name jarsigner
Go to the JarSigner directory we found using this terminal command: cd "/JarSigner/Directory"
Open the Linux Terminal Text(Nano) by simply typing the terminal command: nano
In Nano, set up your eToken.cfg file by using the following terminal command: name=eToken library="Step2/Output/libeTPkcs11.so"
Save the text file by pressing(Ctrl+O) and name it "eToken.cfg", then pressEnter. Note: If prompted to confirm, press Y. Now, press(Ctrl+X) to exit Nano, and return to the Terminal Command Line.
Now confirm that you've created the file in the correct directory. Enter the terminal command: dir Note: This command lists all of the files and folders present in the directory you are currently in.
Confirm your certificate alias using the terminal command: keytool -list -keystore NONE -storetype PKCS11 -providerclass sun.security.pkcs11.SunPKCS11 -providerArg eToken.cfg Note:Enter your keystore passphrase (token password) when prompted.
Sign the JAR file using the following terminal command: jarsigner -keystore NONE -storetype PKCS11 -tsa http://rfc3161timestamp.globalsign.com/advanced -providerClass sun.security.pkcs11.SunPKCS11 -providerArg eToken.cfg /directory/test.jar "certificateAlias" Enter your keystore passphrase (token password) when prompted. You'll get a jar signed message once it's completed.
We can verify the signature now by using the following terminal command: jarsigner -verify -verbose /directory/test.jar
You should be getting an output similar to the image below with "jar verified" at the end.
Ordering an EV Code Signing Certificate (HSM-Based)
Mar 2, 2020, 6:51 AM
The following article will walk you through the ordering process of an EV Code Signing Certificate (HSM-Based). If this is not the solution you are looking for...
Download and Install Code Signing Certificate (HSM-based)
Mar 8, 2020, 3:13 PM
The following article will walk you through downloading and installing your Code Signing Certificate. At the completion of this procedure your certificate will be ready to place signatures on drivers, executables, and other files. Note: If you've already downloaded your certificate, please refer to the instructions listed below: