October 2017

Signing a Java Jar

Submitted by michael on Sat, 10/21/2017 - 15:09

Blogging this because it took far too long to figure out and because the documentation is spread across too many pages and isn't at all clear.

Generate some signing keys.

keytool -genkeypair -alias USERNAME -validity 1000 -keystore FILENAME.keystore

Answer some questions. The resulting FILENAME.keystore file must be kept private. This generates a key that's valid for at least 1000 days. The java docs have more information.