0 Replies Latest reply on Jan 29, 2014 3:51 PM by 26111982

    issue while signing a jar using RSA certificate




      I am trying to sign a java applet using trusted certificate with the help of Java keytool and jarsigner of JRE1.6. For this I have followed the following steps:


      1.Generated key pair in a keystore - keytool -genkeypair -keyalg RSA -alias eaikey -keystore eaikeystore  -validity 3650 -keysize 2048


      2.Generated CSR using command keytool -certreq -alias eaikey -file eaicert.csr -keystore eaikeystore and send the .csr file to the CA


      3.CA has returned the certificate reply (.cer file)that contained a root certificate


      4.When I tried to import the certificate using command keytool -import -file eaicert.cer -alias eaicertkey  -keystore eaikeystore to keystore, initially it gave me error as Input not an X.509 certificate.So I opened the .cer file in my text editor and removed the texts before the Begin And End Certificate.Then it got imported correctly by running the


      5.When I tried to sign the jar using command  jarsigner application.jar eaicertkey  -keystore eaikeystore

      it gave the exception as jarsigner: Certificate chain not found for: eaicertkey.  eaicertkey must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.


      Please help me with the step I am missing here.I doubt I am doing something wrong in the import step.


      Thanks in advance.