Copyright © 2004, 2005 TJ
The GNU General Public License version 2 or later applies to my ExportPrvKey.class. See http://www.gnu.org/licenses/gpl.html
Here's how to get and use a code-signing Thawte digital certificate to sign your Java JAR and Microsoft CAB, EXE, DLL, VBscript, etc. code, to create trusted applets for downloading over the Internet, and to convert the Java JKS key-store to P12/Microsoft PFX (Personal Information Exchange) format to share the same certificate with Java JAR files and Microsoft CAB files.
This allows software authors to increase the range of activities the Java Security Manager will permit.
| << Request a Free Test Certificate | Create a New Java Key/Certificate Pair | Generate a Certificate Signing Request >> |
|---|
From the Start Menu, choose Command Prompt.
Generate a new key and key-store in the CodeSigning directory.
keytool -genkey -keyalg RSA -keystore CodeSigning.jks -alias CodeSigning
Make sure to give appropriate answers to all the questions. These are important if you want your identity to be trusted. Notice that I pasted in the unique common name Thawte gave me when keytool.exe asks What is your first and last name?
For a real code-signing certificate from Thawte this would be your domain name; for other certificate issuers it would be organisation or personal name.
You're now ready to generate a Certificate Signing Request.
| << Request a Free Test Certificate | Create a New Java Key/Certificate Pair | Generate a Certificate Signing Request >> |
|---|
If you have any comments or simply find this guide a useful time-saver I'd welcome hearing from you. You can email me at codesigning@tjworld.net.
© Copyright 2004, 2005 TJ. You are welcome to link directly to this article and make a non-public personal copy (not redistributed or republished). The article must remain in XHTML form (mustn't be converted to proprietary formats such as PDF or DOC). If you would like to include it in a commercial service (e.g. a subscription or advertiser-supported web site) please ask.