How to sign JAR by java keystore and Maven

This post describes how can you sign your JAR files by maven and JAVA keystore.

Applet_Java_Signed_Stamp

 

Prepare JKS keystore

Generate self-signed certificate

If you don’t have any personal certificate you can generate on by this command

keytool -genkey -alias my_certificate_alias -keyalg RSA -keysize 4096 -keystore keystore.jks

Substitute “my_certificate_alias” by you own alias in command.

Follow the wizard.

Import existing certificate

If you have an existing personal certificate (in PFX format)  you can import it to keystore by following commands.

keytool -importkeystore -srckeystore mypfxfile.pfx -srcstoretype pkcs12 -destkeystore keystore.jks -deststoretype JKS

 

 

Modify you pom.xml file

Add these lines to your project pom.xml file

<project>
   ...
   <build>
      ...
      <plugins>
         ...
         <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-jarsigner-plugin</artifactId>
            <version>1.4</version>
            <executions>
               <execution>
                  <id>sign</id>
                    <goals>
                       <goal>sign</goal>
                    </goals>
               </execution>
               <execution>
                 <id>make-assembly</id>
                 <phase>package</phase>
                 <goals>
                    <goal>sign</goal>
                 </goals>
               </execution>
            </executions>
            <configuration>
               <keystore>${keystore.path}</keystore>
               <alias>${keystore.alias}</alias>
               <storepass>${keystore.password}</storepass>
               <keypass>${keystore.password}</keypass>
            </configuration>
         </plugin>
      </plugins>
   </build>
</project>

 

 

Compile and sign JARs by MAVEN


Go to your project root folder (where is located pom.xml) and run command.  Don’t forgot modify KEY_STORE_PASSWORD, PATH_TO_JKS_FILE and PATH_TO_JKS_FILE by your current settings.

mvn clean package -Dkeystore.password=KEY_STORE_PASSWORD -Dkeystore.path=PATH_TO_JKS_FILE -Dkeystore.alias=CERTIFICATE_ALIAS


Leave a Reply

Your email address will not be published. Required fields are marked *