Sign and Verify the Sample Jar File | Utimaco Integration Guides

Sign the sample jar file using Utimaco HSM keystore.

›_ Console
# jarsigner -tsa http://timestamp.digicert.com -keystore NONE -storepass 123456 -storetype PKCS11 -providername SunPKCS11-CryptoServer -signedjar <name_of_signedjar_to_be_generated> <jar_to_be_signed> utimacokey Example # jarsigner -tsa http://timestamp.digicert.com -keystore NONE -storepass 123456 -storetype PKCS11 -providername SunPKCS11-CryptoServer -signedjar sample_signed.jar sample.jar utimacokey jar signed. The signer certificate will expire on 2023-04-08. The timestamp will expire on 2033-03-14.

›_ Console

# jarsigner -tsa http://timestamp.digicert.com -keystore NONE -storepass 123456 -storetype PKCS11 -providername SunPKCS11-CryptoServer -signedjar

<name_of_signedjar_to_be_generated> <jar_to_be_signed> utimacokey Example

# jarsigner -tsa http://timestamp.digicert.com -keystore NONE -storepass 123456 -storetype PKCS11 -providername SunPKCS11-CryptoServer -signedjar sample_signed.jar sample.jar utimacokey

jar signed.

The signer certificate will expire on 2023-04-08. The timestamp will expire on 2033-03-14.

Verify the signed jar file.

›_ Console
# jarsigner -verify sample_signed.jar -verbose s 1908 Fri Apr 08 06:07:58 UTC 2022 META-INF/MANIFEST.MF 1989 Fri Apr 08 06:07:58 UTC 2022 META-INF/UTIMACOK.SF 7355 Fri Apr 08 06:07:58 UTC 2022 META-INF/UTIMACOK.RSA 0 Wed Mar 23 18:18:34 UTC 2022 META-INF/ 0 Wed Mar 23 18:18:34 UTC 2022 META-INF/maven/ 0 Wed Mar 23 18:18:34 UTC 2022 META-INF/maven/com.utimaco/ 0 Wed Mar 23 18:18:34 UTC 2022 META- INF/maven/com.utimaco/utimaco-commons/ 0 Wed Mar 23 18:18:32 UTC 2022 com/ 0 Wed Mar 23 18:18:32 UTC 2022 com/utimaco/ sm 1426 Thu Mar 03 13:38:18 UTC 2022 META- INF/maven/com.utimaco/utimaco-commons/pom.xml sm 64 Wed Mar 23 18:18:34 UTC 2022 META- INF/maven/com.utimaco/utimaco-commons/pom.properties s = signature was verified m = entry is listed in manifest k = at least one certificate was found in keystore i = at least one certificate was found in identity scope - Signed by "CN=Java Code Signing, OU=IT, O=Utimaco, L= Aachen, ST= NRW, C=DE " Digest algorithm: SHA-256 Signature algorithm: SHA256withRSA, 2048-bit key Timestamped by "CN=DigiCert Timestamp 2022 - 2, O="DigiCert, Inc.", C=US" on Fri Apr 08 06:07:58 UTC 2022 Timestamp digest algorithm: SHA-256 Timestamp signature algorithm: SHA256withRSA, 4096-bit key jar verified. The signer certificate will expire on 2023-04-08. The timestamp will expire on 2033-03-14.

›_ Console

# jarsigner -verify sample_signed.jar -verbose

s	1908 Fri Apr 08 06:07:58 UTC 2022 META-INF/MANIFEST.MF

1989 Fri Apr 08 06:07:58 UTC 2022 META-INF/UTIMACOK.SF

7355 Fri Apr 08 06:07:58 UTC 2022 META-INF/UTIMACOK.RSA

0 Wed Mar 23 18:18:34 UTC 2022 META-INF/

0 Wed Mar 23 18:18:34 UTC 2022 META-INF/maven/

0 Wed Mar 23 18:18:34 UTC 2022 META-INF/maven/com.utimaco/

0 Wed Mar 23 18:18:34 UTC 2022 META-

INF/maven/com.utimaco/utimaco-commons/

0 Wed Mar 23 18:18:32 UTC 2022 com/

0 Wed Mar 23 18:18:32 UTC 2022 com/utimaco/

sm	1426 Thu Mar 03 13:38:18 UTC 2022 META-

INF/maven/com.utimaco/utimaco-commons/pom.xml

sm	64 Wed Mar 23 18:18:34 UTC 2022 META-

INF/maven/com.utimaco/utimaco-commons/pom.properties

s = signature was verified

m = entry is listed in manifest

k = at least one certificate was found in keystore

i = at least one certificate was found in identity scope
- Signed by "CN=Java Code Signing, OU=IT, O=Utimaco, L= Aachen, ST= NRW, C=DE "

Digest algorithm: SHA-256

Signature algorithm: SHA256withRSA, 2048-bit key

Timestamped by "CN=DigiCert Timestamp 2022 - 2, O="DigiCert, Inc.", C=US" on Fri Apr 08 06:07:58 UTC 2022

Timestamp digest algorithm: SHA-256

Timestamp signature algorithm: SHA256withRSA, 4096-bit key jar verified.

The signer certificate will expire on 2023-04-08. The timestamp will expire on 2033-03-14.