[jira] [Commented] (MJAR-112) Sign using a PKCS11 token

Jira Mon, 09 Jun 2025 13:27:17 -0700


    [ 
https://issues.apache.org/jira/browse/MJAR-112?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17957206#comment-17957206
 ]


Matthias Bünger commented on MJAR-112:
--------------------------------------

This project has moved from Jira to GitHub Issues. This issue was migrated to 
[apache/maven-jar-plugin#289|https://github.com/apache/maven-jar-plugin/issues/289].
 

> Sign using a PKCS11 token
> -------------------------
>
>                 Key: MJAR-112
>                 URL: https://issues.apache.org/jira/browse/MJAR-112
>             Project: Maven JAR Plugin (Moved to GitHub Issues)
>          Issue Type: New Feature
>          Components: sign
>    Affects Versions: 2.2
>            Reporter: Frank Cornelis
>            Assignee: Benjamin Bentmann
>            Priority: Critical
>         Attachments: maven-jar-plugin-provider-class-arg.patch
>
>
> For the moment one can only sign using a software keystore. But for 
> production builds your private key is often stored on some smart card device 
> like an eToken. It would be useful if you could configure the 
> maven-jar-plugin to run something similar to:
>     jarsigner -keystore NONE -storetype PKCS11 -providerClass 
> sun.security.pkcs11.SunPKCS11 -providerArg etoken.config the_jar_to_sign.jar 
> ALIAS_XYZ
> Where my etoken.config file contains:
>     name=eToken
>     library=/usr/lib/libeTPkcs11.so



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (MJAR-112) Sign using a PKCS11 token

Reply via email to