[jboss-dev] certs and verified signers
Ales Justin
ales.justin at gmail.com
Tue Sep 15 10:26:00 EDT 2009
WRT JBCL-67.
I have a jar which I signed with
keytool -genkeypair -alias mycert -keystore keystore -keypass ambam123
jarsigner -keystore keystore -storepass ambam123
..\DIFramework\dist\another.jar mycert
keytool -exportcert -keystore keystore -alias mycert -file mare_cert.cer
keytool -importcert -file mare_cert.cer -keystore ales_store -storepass
ambam5
java -Djavax.net.ssl.trustStore=ales_store
-Djavax.net.ssl.trustStorePassword=ambam5
This jar includes com/acme/X.class.
So, I would now expect when I access this class in jar via JarEntry
to be able to get its certificates: JarEntry::getCertificates.
But I get null.
I guess I'm missing a list of verified signers?
JarVerfier.class:
/**
* Return an array of java.security.cert.Certificate objects for
* the given file in the jar.
*/
public java.security.cert.Certificate[] getCerts(String name)
{
CodeSigner[] signers = getCodeSigners(name);
// Extract the certs in each code signer's cert chain
if (signers != null) { // <----- THIS is null in my case
How do I add this signers?
I already hacked out my security knowledge, w/o any success. ;-(
More information about the jboss-development
mailing list