I am having trouble facing generating a self signed certificate for a jar file. I also want to know how to set validity of the certificate for less than 1 day. Someone please reply with steps to solve my problem. Thank you.
Java comes with the "keytool" utility for generating certificates, for which there are lots of tutorials out there on the web.
Akhil Surya A
posted 3 weeks ago
I tried generating a certificate by setting validity as 1 day,even after that day the signed jar works.
keytool -genkeypair -dname "cn=Sachin Tendulkar, ou=Techtips, o=SevenMountz, c=US" -alias selfsigned -keypass welcome -keystore selfsignedstore.jks -storepass welcome -validity 1
this was the example I tried.and signed by following code.
jarsigner -keystore selfsignedstore.jks myapplication.jar selfsigned
I was trying to set an expiry date on that file using self signed certificate.
Being signed with an expired certificate does not mean that the jar file will somehow cease to work. Hence my question:
How are you using the jar so that you can reasonably expect it not to work?
If you are expecting the JRE not to execute code in a jar file signed with an invalid certificate, that's not how certificates work. You will need a SecurityManager in place that checks for that. I'm not sure if the JRE's standard SecurityManager enforces this, but you can check by running the JVM via "java -Djava.security.manager ...". If that still works, you will need to write your own security manager that enforces this.
Akhil Surya A
posted 2 weeks ago
for your question, I was trying to figure out how the certificate expiration works out.
thank you for helping me out.