Sign a zip file via JarSigner with detached signature
posted 10 months ago
I'm trying to sign a zip file with a Detached Signature via Java Signer.exe tool - something like pgp tool does.
I downloaded & installed java...
And until now I succeeded to
1. create a self signed certificate in Java's key store.
2. Succeeded to sign a zip file with the command line:
C:\Program Files\Java\jdk1.8.0_111\bin>jarsigner -keystore "C:\New\Keystore.jks" -storepass 123456 -sigfile CERT -signedjar c:\new\signed_zip.zip c:\temp\how_to.zip my_cert
BUT this method inserts a META-INF files into the signed zip file.
Can you please tell me the parameters to jarsigner, that will sign the zip file in a way that the signature will be DETACHED in a (base 64) separate file... and the original zip file will remain untouched.