This article provides step-by-step instructions for Token Based JAR Signing in Windows Environments. If you are looking for a different solution, please use the search bar above.
You can watch the video below for a tutorial.
Or, you can check the step by step guidelines below.
Configuring your JDK
Install the 32-bit JDK and locate the JDK bin folder. Note: The default location is "C:\Program Files (x86)\Java\jdk1.X.X_XXX\bin".
Using notepad or notepad++, create a file named eToken.cfg in the bin folder with the following content as shown below.
Save the eToken.cfg in the bin folder.
Windows JAR Signing
Run the command prompt as administrator. Then navigate to the "jdkx.x.x_xxx\bin" directory where the JarSigner and KeyTool are located, as well as the eToken.cfg file you created.
Confirm your certificate alias with the following command:
keytool -list -keystore NONE -storetype PKCS11 -providerclass sun.security.pkcs11.SunPKCS11 -providerArg eToken.cfg
Enter your keystore passphrase (token password) when prompted.
Sign the JAR file using the following command: jarsigner -keystore NONE -storetype PKCS11 -tsa http://rfc3161timestamp.globalsign.com/advanced -providerClass sun.security.pkcs11.SunPKCS11 -providerArg eToken.cfg /directory/test.jar "certificateAlias"
Enter your keystore passphrase (token password) when prompted. Then, wait for the output indicating "jar signed".
Verify the signature by using the following command: jarsigner -verify -verbose /directory/test.jar
You should be getting an output similar to the image below with "jar verified" at the end.
Ordering an EV Code Signing Certificate (HSM-Based)
Mar 2, 2020, 6:51 AM
The following article will walk you through the ordering process of an EV Code Signing Certificate (HSM-Based). If this is not the solution you are looking for...
Download and Install Code Signing Certificate (HSM-based)
Mar 8, 2020, 3:13 PM
The following article will walk you through downloading and installing your Code Signing Certificate. At the completion of this procedure your certificate will be ready to place signatures on drivers, executables, and other files. Note: If you've already downloaded your certificate, please refer to the instructions listed below: