Enroll in the Certified Web Development Professional course package to learn HTML, Javascript, and PHP. Build a solid foundation to work toward your dream job!
COURSE of the MONTH
14 days, 14 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Code Signing *.jars using DoD PKI Hard token
Posted on 2012-12-28
I am at my wits end and will try Experts Exchange for once. Is there any guidance on how to code sign *.jar files using DoD PKI hard card. The Code Signing certificate is embedded in the card once I get it, however, how do I use the card to sign my *.jar files?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
1 Comment
Active today
maybe of interest - see "Java Keystore". it uses jarsigner and pfx to sign .jar file. however, CAC (or smart card) is not supposed to have private key exported hence you will not have pfx.
http://www.ewert-technologies.ca/blog/articles/cross-platform-code-signing
challenge is how to create and link the keystore used for signing to CAC.
there is an old article series (see pg1,2 and 3) on smart card in general using pkcs#11 which you should take a look first for general smartcard
Pg1-http://www.developer.com/java/other/article.php/3587361/Java-Applet-for-Signing-with-a-Smart-Card.htm
Pg2-http://www.developer.com/java/other/article.php/10936_3587361_2/Java-Applet-for-Signing-with-a-Smart-Card.htm
pg3-http://www.developer.com/java/other/article.php/10936_3587361_3/Java-Applet-for-Signing-with-a-Smart-Card.htm
Specifically the pkcs#11 is using Sun java library seems to be the common way for java. Closest I can find for such java codes (2 links) to CAC are stated below which can be useful ref.
//Create our certificates from our CAC Card
String configName = "card.config";
Provider p = new sun.security.pkcs11.SunPKC
Security.addProvider(p);
http://stackoverflow.com/questions/752890/how-to-connect-to-https-server-using-common-access-card/753129#753129
http://stackoverflow.com/questions/544056/common-access-card-cac-authentication-using-java
You can check this out this section "Signing and Verification with the On-Card Certificate" for the signing as well, but it will be rather similar as above (pg1-3) links
http://rostislav-matl.blogspot.sg/2012/04/using-smart-card-as-keystore-in-java.html
Hope it helps...Personally never done that ....
http://www.ewert-technologies.ca/blog/articles/cross-platform-code-signing
challenge is how to create and link the keystore used for signing to CAC.
there is an old article series (see pg1,2 and 3) on smart card in general using pkcs#11 which you should take a look first for general smartcard
Pg1-http://www.developer.com/java/other/article.php/3587361/Java-Applet-for-Signing-with-a-Smart-Card.htm
Pg2-http://www.developer.com/java/other/article.php/10936_3587361_2/Java-Applet-for-Signing-with-a-Smart-Card.htm
pg3-http://www.developer.com/java/other/article.php/10936_3587361_3/Java-Applet-for-Signing-with-a-Smart-Card.htm
Specifically the pkcs#11 is using Sun java library seems to be the common way for java. Closest I can find for such java codes (2 links) to CAC are stated below which can be useful ref.
//Create our certificates from our CAC Card
String configName = "card.config";
Provider p = new sun.security.pkcs11.SunPKC
Security.addProvider(p);
http://stackoverflow.com/questions/752890/how-to-connect-to-https-server-using-common-access-card/753129#753129
http://stackoverflow.com/questions/544056/common-access-card-cac-authentication-using-java
You can check this out this section "Signing and Verification with the On-Card Certificate" for the signing as well, but it will be rather similar as above (pg1-3) links
http://rostislav-matl.blogspot.sg/2012/04/using-smart-card-as-keystore-in-java.html
Hope it helps...Personally never done that ....
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Make the most of your online learning experience.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message. In the To field, type your recipient's fax number @efaxsend.com.
You can even send a secure international fax — just include t…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
- Document Management
- Printers and Scanners
- Document Imaging
- Software-Other
- Images and Photos
- Adobe Acrobat, Photos / Graphics Software, Security, OCR, *PDF
Suggested Courses
Course of the Month14 days, 14 hours left to enroll
771 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.