You will need a keystore to sign jars. In my case I was given a p12 file from my Certificate Authority. It took a while but I finally found how to make a keystore from my p12.
You don’t need a keystore to exist to import a p12:
> keytool -v -importkeystore -srckeystore certificate.p12 -srcstoretype PKCS12 -destkeystore keystore.jks -deststoretype JKS
Now the keystore will have the contents of the p12, which is the certificate and the key.
Sources:
http://www.webfarmr.eu/2010/04/import-pkcs12-private-keys-into-jks-keystores-using-java-keytool/
http://blog.jgc.org/2011/06/importing-existing-ssl-keycertificate.html
Pingback: How to sign a jar | Michael Ozeryansky
Pingback: Finding an imported certificate’s alias in a java keystore | Michael Ozeryansky
Pingback: Java 7.51 – Applets must be signed | Michael Ozeryansky
I’m facing the following error when I try to make a keystore from my p12 file:
keytool -v -importkeystore -srckeystore mBankingApp.p12 -srcstoretype PKCS12 -destkeystore mBanking.jks -deststoretype JKS
Enter destination keystore password:
Re-enter new password:
Enter source keystore password:
Please help me to fix this error.
Thank you a lot.
I don’t know the solution but I found a few resources online
+ http://www-01.ibm.com/support/docview.wss?uid=swg21303472
+ http://mail-archives.apache.org/mod_mbox/tomcat-users/200305.mbox/%3C4.3.2.7.2.20030504095807.00b47f60@wells.cisco.com%3E
+ http://stackoverflow.com/questions/23126282/java-apns-certificate-error-with-derinputstream-getlength-lengthtag-109-too
From what I can tell from these above discussions, the format of your certificate is different. It seems you should use “P12” instead of “JKS”, then maybe try following one of the above suggestions. Best of luck.