0 Replies Latest reply: Jan 29, 2014 9:51 AM by 26111982 RSS

    issue while signing a jar using RSA certificate

    26111982

      Hi,

       

      I am trying to sign a java applet using trusted certificate with the help of Java keytool and jarsigner of JRE1.6. For this I have followed the following steps:

       

      1.Generated key pair in a keystore - keytool -genkeypair -keyalg RSA -alias eaikey -keystore eaikeystore  -validity 3650 -keysize 2048

       

      2.Generated CSR using command keytool -certreq -alias eaikey -file eaicert.csr -keystore eaikeystore and send the .csr file to the CA

       

      3.CA has returned the certificate reply (.cer file)that contained a root certificate

       

      4.When I tried to import the certificate using command keytool -import -file eaicert.cer -alias eaicertkey  -keystore eaikeystore to keystore, initially it gave me error as Input not an X.509 certificate.So I opened the .cer file in my text editor and removed the texts before the Begin And End Certificate.Then it got imported correctly by running the

       

      5.When I tried to sign the jar using command  jarsigner application.jar eaicertkey  -keystore eaikeystore

      it gave the exception as jarsigner: Certificate chain not found for: eaicertkey.  eaicertkey must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.

       

      Please help me with the step I am missing here.I doubt I am doing something wrong in the import step.

       

      Thanks in advance.