我有一些 Eclipse 插件,它们是功能的一部分。我们希望在更新站点更新时对这些插件应用代码签名。
导出单个插件时,我可以看到 JAR 签名选项卡,但在更新站点项目设置中看不到任何类似的内容。
另外,我读过的教程使用的是自签名证书。谁能向我指出使用 Verisign 证书(即 *.pfx 文件)的说明?
有人可以帮忙吗?
谢谢,
艾伦
编辑:我已将凯恩的回应标记为答案,因为它与我采取的步骤非常相似,并且是一种启发。我实际上按照这些说明对 jar 进行了签名,因为它基于 pfx 文件: https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1072
第 1 步:运行以下命令查看有关证书的详细信息(用您自己的文件名替换文件名):
keytool -list -v -storetype pkcs12 -keystore [Filename].pfx
第 2 步:滚动到输出顶部并记下别名值。
第 3 步: 使用以下命令对每个 jar 文件进行签名(将文件名和别名替换为您自己的文件名和别名):
jarsigner -storetype pkcs12 -keystore [Filename].pfx [Filename].jar "[AliasName]"
我现在需要想出一种管理/自动化该过程的方法。
I have a few Eclipse plugins that are part of a feature. We would like to apply code signing to these plugins when the update site is updated.
I can see the JAR Signing tab when exporting an individual plugin, but I can't see anything similar in my update site project settings.
Also, the tutorials that I have read are using self-signed certificates. Can anyone point me towards instructions for using Verisign certificates (i.e. *.pfx files)?
Can anyone help?
Thanks,
Alan
Edit: I have marked Kane's response as the answer because it is very similar to the steps that I took and was an inspiration. I actually followed these instructions to sign the jars because it was based on pfx files: https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1072
Step 1: Run the following command to view details about the certificate (substituting the filename with your own):
keytool -list -v -storetype pkcs12 -keystore [Filename].pfx
Step 2: Scroll to the top of the output and take a note of the Alias name value.
Step 3: Sign each jar file using the following command (substituting the filenames and alias name for your own):
jarsigner -storetype pkcs12 -keystore [Filename].pfx [Filename].jar "[AliasName]"
I now need to come up with a way of managing / automating the process.
发布评论
评论(1)
更新站点项目不提供对 jar 进行签名的功能。对 jar 进行签名是一个纯 java 概念,您可以使用 JDK 中的 Signtool 来完成此操作。
如果您想通过使用 Windows 代码签名证书来对 jar 进行签名,您可以参考此博客 帖子。
根据我的成功经验,我首先将pfx转换为JKS格式的证书,然后在ant中调用以下命令,
Update site project doesn't provide such capability to sign the jars. Signing jars is a pure java concept, you could use the signtool from JDK to do it.
If you want to sign you jars via using the certificate for Windows code signing, you could refer to this blog post.
In my successful experience, I convert pfx to JKS format certificate firstly, then call below command in ant,