Name
jarsigner
Synopsis
jarsigner [options]jarfile aliasjarsigner -verify [options]jarfile
Sign or verify .jar
files. Adding a digital signature to a .jar file improves its security, since
changing the contents causes the signature to become invalid.
jarfile is the original file to be signed;
alias is a recognized alias for the identity
of the signer. By default jarsigner replaces the original file
with the signed one. This can be changed with the
-signedjar option.
The generated signed .jar
file is identical to the input one, with the addition of two new
files: a .SF signature file and
a .DSA signature block file.
The default names of these files are taken from the first eight
characters of alias, but this may be
overridden with the -sigfile option.
The -keypass, -keystore,
-sigfile, -signedjar, and
-storepass options are only for signing a
file.
Whenever jarsigner accepts a password for an option, if not provided on the command line, the program prompts for a password. Such options should not be used in scripts or on the command line, since they make passwords visible. Similarly, jarsigner does not turn off echoing when prompting for a password, so make sure no one else can see your screen when using such options! See also keytool.
Options
-
-certs Together with
-verifyand-verbose, provide certificate information for each signer of the.jarfile.-
-internalsf Revert to earlier behavior, whereby the
.DSAfile also contains a copy of the.SFfile. Useful mainly for testing.-
-Jjava-option ...
Get Unix in a Nutshell, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
