I am trying to sign a java applet using trusted certificate with the help of Java keytool and jarsigner of JRE1.6. For this I have followed the following steps:
1.Generated key pair in a keystore - keytool -genkeypair -keyalg RSA -alias eaikey -keystore eaikeystore -validity 3650 -keysize 2048
2.Generated CSR using command keytool -certreq -alias eaikey -file eaicert.csr -keystore eaikeystore and send the .csr file to the CA
3.CA has returned the certificate reply (.cer file)that contained a root certificate
4.When I tried to import the certificate using command keytool -import -file eaicert.cer -alias eaicertkey -keystore eaikeystore to keystore, initially it gave me error as Input not an X.509 certificate.So I opened the .cer file in my text editor and removed the texts before the Begin And End Certificate.Then it got imported correctly by running the
5.When I tried to sign the jar using command jarsigner application.jar eaicertkey -keystore eaikeystore
it gave the exception as jarsigner: Certificate chain not found for: eaicertkey. eaicertkey must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
Please help me with the step I am missing here.I doubt I am doing something wrong in the import step.
Thanks in advance.