Feedback Form
|
|
Start of Tutorial > Start of Trail > Start of Lesson |
Search
Feedback Form |
Suppose that you are Ruth and have received from Stan Smith
- The signed JAR file
sContract.jarcontaining a contract
- The file
StanSmith.cercontaining the public key certificate for the public key corresponding to the private key used to sign the JAR fileBefore you can use the
jarsignertool to check the authenticity of the JAR file's signature, you need to import into your keystore the certificate from Stan.Even though you (acting as Stan) created these files and they haven't actually been transported anywhere, you can simulate being someone other than the creater and sender, Stan. Acting as Ruth, type the following to create a keystore named
ruthstoreand import the certificate into an entry with an alias ofstan.Since the keystore doesn't yet exist, it will be created. You will be prompted for a keystore password; type whatever password you want.keytool -import -alias stan -file StanSmith.cer -keystore ruthstoreThe
keytoolwill print out the certificate information and ask you to verify it, for example, by comparing the displayed certificate fingerprints with those obtained from another (trusted) source of information. (Each fingerprint is a relatively short number that uniquely and reliably identifies the certificate.) For example, in the real world you might call up Stan and ask him what the fingerprints should be. He can get the fingerprints of theStanSmith.cerfile he created by executing the commandIf the fingerprints he sees are the same as the ones reported to you bykeytool -printcert -file StanSmith.cerkeytool, the certificate has not been modified in transit. In that case you letkeytoolproceed with placing a "trusted certificate" entry in the keystore. The entry contains the public key certificate data from the fileStanSmith.cerand is assigned the aliasstan.
|
|
Start of Tutorial > Start of Trail > Start of Lesson |
Search
Feedback Form |
Copyright 1995-2005 Sun Microsystems, Inc. All rights reserved.