Dear Rob,
thanks a lot for your response. I had a look at the example and it
seems it describes the use of a self-signed certificate (couldn't
figure out where a third party issues or verifies the certificate used
for signing). This already works in standard OM(2/3). What I need are
instructions on how to use an existing (trusted and verified class 2
server-)certificate for code signing. It seems our OM/build.xml setup
is correct (incl. the keystore) as we get the following error message:
"This jar contains entries whose signer certificate's ExtendedKeyUsage
extension doesn't allow code signing."
Doing some research, this points to a limitation of the
(server-)certificate, which might not be used for code signing. It
seems some server certificates can do the signing and some not.
Confusing!!!
Cheers,
Rene'
Quoting Roberto Resoli <[email protected]>:
On 01 aprile 2014 22:14:20 CEST, Roberto Resoli
<[email protected]> wrote:
On 01 aprile 2014 22:07:34 CEST, Rene' Rosenbaum <[email protected]>
wrote:
Hi,
not sure, but think this is rather an issue of the certificate itself
than the settings (in OM). Keep you guys posted ... Rene'
I guess you need a keystore with a private key and a corresponding
certificate. I have some experience in this, even if not om specific.
Ask if you never setup a keystore for software signing.
bye,
rob
In the meanwhile, some instructions from another project i work into
(in italian only atm, sorry):
http://sourceforge.net/apps/trac/j4sign/wiki/HowtoSignCode
rob
