2009年6月6日 星期六

轉換 Code sign 憑證成為可以 sign XPI , jar 檔的 pfx

Signing Jar Files




Signing Jar Files (converting pvk to p12)

You will need two files:

• pvk file (generated by IE, and stored in c:\mykey.pvk by default)
• spc file (the cert)

Now to generate a PKCS12 pfx file you need Microsoft's pvkimprt tool. So install and run the tool:
pvkimprt c:\mycert.spc c:\mykey.pvk

Import it into your personal keystore, so we can export it as a pfx file:
• Start-Run: mmc.exe
• Add Snapin: Certificates
• Properties: Add a friendly name to the cert (this will be the alias)
• Export a pfx file

And after that process you will have a certificate you can use to sign jar files, and possibly start your own import/export business.
Here's the ant task I use to sign jar files:

message="Please enter keystore password:"
addproperty="keypass" />

keystore="${keystore}/yourkey.p12" alias="Your Alias"
storepass="${keypass}"/>


Code signing java applets is also possible. A comprhensive guide can be found here:

http://www.suitable.com/docs/signing.html

沒有留言: