I´m trying to sign my JAR file with a Thawte certificate but I´ve runned into some problems and will try to explain what I´ve done.
Step 1
I´ve created a keystore file in jks format using the following command:
keytool -genkey -keystore keystore -alias alias -keyalg RSA -keysize
And then generating a certificate:
keytool -certreq -alias alias -keystore keystore -file file.csr
After I´ve done this I did send the generated certificate request to Thawte for confirmation.
Step 2 - Notice: This is done on an other computer.
After I while I´ve received a email from Thawte containing a confirmation and a Code Signing Certificate.
When I´ve received this confirmation I created two .cer files. One containing the received certificate and another containing a Thawte intermediate certificate that I got from their website. I imported these into my keystore that I used in step one.
Step 3
The last thing I dig was to signed my JAR file using the following command:
jarsigner C:\signed\file.jar keystore
Everything went fine except I get this warning:
Warning: The signer certificate will expire within six months. No -tsa or -tsacert is provided and this jar is not timestamped. Without a times tamp, users may not be able to validate this jar after the signer certificate's expiration date (2014-06-02) or after any future revocation date.
And when I´m trying to deploy my JAR file the browser says that it´s a self-signed applet.
Does anyone know what I´m missing?
Kind regards / H
