jarsigner

Just noted that you can´t sign Android APKs with the Java 1.7 jarsigner. So I wonder why this is and what is the difference between the 1.6 and 1.7 signer? This is because the default digest algorithm for Java 1.7 is SHA-256 while for Java 1.6 it's SHA1withDSA . Java 1.6 Jarsigner docs Java 1.7 Jarsigner docs Yes you CAN use 1.7! It is very tricky to find info on the usage with 1.7, but once found it is reasonable simple: For keytool include -sigalg SHA1withDSA -keyalg DSA -keysize 1024 For jarsigner include -sigalg SHA1withDSA -digestalg SHA1 (1024 is the maximum and works, less might do the

I have an existing unsigned apk and I want to sign it using my debug.keystore file. Here I found a tutorial how it can be done. jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name But what should I write as alias_name and what should be the passphrase? Is there any way to find out what alias_name and passphrase are used by Eclipse during the signing? Stefan de Bruijn You don't really want to create it with your debug key, but; -alias androiddebugkey -keystore /the/path/debug.keystore -storepass android -keypass android

I am new to this topic, therefore I hope I use the right vocabulary. Is it possible to get the possibility of Jarsigner within Java self? I need the possibility to do the following things programatically: verify if a jar is signed with a certain private key from a keystore if the jar is verified: unsign the jar sign the jar with another private key from an official certificate authority, which is in the same or in another keystore In pseudo-code I imagine something like this: JarVerifier verifier = new JarVerifier(/*all needed parameters like the location of the keystore*/); verifier.verify

The case: I am maintaining a Java applet which uses the BouncyCastle libraries bcpkix-jdk15on-149.jar , and bcprov-jdk15on-149.jar . Problem is when the applet is run on a JRE version 7_u40 enabled browser. The behavior has changed from version 7_u25 in a way that it always prompts a modal window like "Security prompt for an app using a self-signed certificate" (which cannot be permanently hidden anymore), just to trust bcprov . https://www.java.com/en/download/help/appsecuritydialogs.xml As far as I know, this is because BC libraries are signed with the BouncyCastle certificate, issued by the

In Windows command prompt: >keytool -genkey -alias me >keytool -selfcert -alias me >jarsigner myJar.jar me Only one alias can be specified I have failed to find any info on this error on the web. I'm obviously only specifying one alias here. What could I be doing wrong? I was getting the same error. I resolved it by renaming the folders in my path c:\this is a folder\ replaced with c:\this_is_a_folder\ jarsigner doesn't like spaces in folders Just put quotes around the filename(s) with spaces. You need to quote arguments with spaces in them, to any program. Nothing to do with jarsigner

Disclaimer: I know the basics of signing an APKs and I have a problem with only one of my projects and only when signing with Microsoft Windows as the OS. I am building my APK with Maven and sign them with the maven-jarsigner-plugin: <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jarsigner-plugin</artifactId> <executions> <execution> <id>signing</id> <goals> <goal>sign</goal> </goals> <phase>package</phase> <inherited>true</inherited> <configuration> <archive>target/${project.build.finalName}.apk</archive> <sigfile>CERT</sigfile> <keystore>${env.HOME}/.keystore<

ERROR MESSAGE : jarsigner: Certificate chain not found for: project_foo.<br/> project_foo must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain. QUESTION : How do I include a public key certificate chain to address the error? BACKGROUND : The App Developer has completed an Android app and delivered an unsigned APK called Foo.apk. My objective is to sign and zipalign the APK in preparation for uploading it to the Google Play store. My keystore is located at C:\Path\.keystore on a Windows machine. COMMAND LINE , my command: jarsigner