Sign JAR Files with JARSigner using AppViewX CSP/PKCS#11 Provider

Prerequisites

Run the AppViewX SIGN+ Installer to install the prerequisites required to use the AppViewX CSP/PKCS#11 Provider with Jarsigner.

AppViewX CSP with JarSigner:

jarsigner.exe -verbose -storetype "Windows-My" -keyStore NONE -tsa <time_stamp_url> <input_file_path> -signedjar <output_file_path> -sigalg <signature algorithm> <keypair alias>

The <time_stamp_url>, <signature algorithm> and <keypair alias> parameters are auto generated in the README after running the SIGN+ Installer.

AppViewX PKCS#11 Provider with JarSigner:

jarsigner.exe -verbose -keystore NONE -storetype PKCS11 -certs -providerclass sun.security.pkcs11.SunPKCS11 -providerArg <path to AVXPKCS11V1.cfg> <input_file_path> -signedjar <output_file_path> -tsa <time_stamp_url> -sigalg <signature algorithm> <keypairalias>

The <path to AVXPKCS11V1.cfg>, <time_stamp_url>, <signature algorithm> and <keypair alias> parameters are auto generated in the README after running the SIGN+ Installer.

Verify Signed Artifact with JarSigner

The following command can be used to verify signed artifact with JarSigner:

jarsigner.exe -verify -verbose <input_file_path>