Getting started with module-signer
- Java 11 installed and on your path.
- A Java Keystore (in jks or pfx format) containing either:
- A self-generated and self-signed code signing certificate.
- A code signing certificate, obtained from and signed by a CA, and the certificate chain that goes with it.
Keystore Explorer is an easy to use tool for creating and managing keystores and certificates.
Invocation from the command-line:
java -jar module-signer.jar \ -keystore=<path-to-my-keystore>/keystore.jks \ -keystore-pwd=<password> \ -alias=server \ -alias-pwd=<password> \ -chain=<pathToMyp7b>/cert.p7b \ -module-in=<path-to-my-module>/my-unsigned-module.modl \ -module-out=<path-to-my-module>/my-signed-module.modl
The path to the keystore containing your code signing certificate. Can be either JKS or PFX format.
The password to access the keystore.
The alias under which your code signing certificate is stored.
The password to access the alias.
The path to the certificate chain (in p7b format). This file will is generally returned along with your signed certificate after submitting a CSR to a CA.
The path to the unsigned module.
The path the signed module will be written to.