creating a keystore for plugin signing the easy way

Report

Tags:

Post on 10-May-2015

1.923 Views

Category:

Technology

0 Downloads

Preview:

Click to see full reader

DESCRIPTION

How to create a keystore for jar-file signing and how to export the certificate for use with Lotus Domino policies to broadcast the trust to Notes clients.

TRANSCRIPT

How to create a Java keystore for plugin signing the easy way

Mikkel Flindt HeisterbergOnTime by IntraVision

Create the keystore• Use iKeyMan to create the keysore– <Notes>\jvm\bin\ikeyman.exe i.e. C:\Notes8\jvm\

bin\ikeyman.exe• Create keystore of

type JCEKS and specify a password for the keystore

• Note the directory where you create the keystore

Create self-signed certificate• In ”Personal Certificates” click ”New Self-

Signed...” and fill in the fields. • Make sure to adjust the

validity perido of the certificate

• Note the ”Key Label” you specify (here it’s”signerkey”)

• Exit iKeyman

Verify keystore• In a DOS prompt use the KeyTool from the JDK

to verify the keystore– If you haven’t got a JDK installed use the one

installed with Notes (<Notes>\jvm\bin\keytool.exe)

• C:\Notes8\jvm\bin\keytool.exe -keystore keystore.jck -storetype jceks -list -v

Verify keystore

Export certificate• Now export the certificate that is the

certificate to verify jar-file signatures– Again using the keytool as before– This creates mycert.der which is the file you

import into Domino Directory

• C:\Notes8\jvm\bin\keytool.exe -keystore keystore.jck -storetype jceks –export –file mycert.der –alias signerkey

Export certificate

Import the certificate in Domino

Import the certificate in Domino

Import the certificate in Domino

Import the certificate in Domino

Trust• Next steps are to– Cross certify the imported internet certificate with

your a Notes certifier– Use policies (Security settings) to broadcast the

internet certificate and cross certification of the internet certificate to Notes clients

– The option is on the ”Keys and Certificates” tab under ”Administrative Trust Defaults”

Sign jar-file using keystore• You sign jar-files using the jarsigner.exe tool

from the JDK– Again you can use the one installed with the Notes

JVM if need be

• C:\Notes8\jvm\bin\jarsigner.exe -keystore keystore.jck -storetype jceks –signedjar signed.jar myfile.jar signerkey

Sign jar-file using keystore

top related

mbs filemaker plugin de - monkeybread software · mbs...
Documents
sms/content exchange (https) · 4. use the following...
Documents
wordpress plugin development plugin development (with...
Documents
only wow - keystore
Documents
snakes in a plugin - wordpress plugin security
Internet
urban freeway signing and the freeway signing handbook
Documents
mariadb sicherheit: audit plugin, authentification plugin,...
Software
sparx systems keystore services user guide · 2017. 10....
Documents
locksmith: secure android keystore based on virtualized
Documents
managing tls certificate, keystore, and truststore...
Documents
plugin alliance activation manual · plugin alliance...
Documents
qq--mmoonniittoorr...
Documents
pcm plugin - d36j349d8rqm96.cloudfront.net pcm plugin...
Documents
cad -...
Documents
3.06 logo logon plugin exercisen plugin exercise
Documents
signing statements, executive orders, executive agreements...
Documents
and other new hawtness january 21, 2016 …...fido and...
Documents
cad - سریع آسان softwares/dialux 1 sariasan.pdf ·...
Documents
installation guide for antegma accallio ox 1.0 ·...
Documents
software engineering for android – security and user...
Documents