ebourg / jsign

Java implementation of Microsoft Authenticode for signing Windows executables, installers & scripts
https://ebourg.github.io/jsign
Apache License 2.0

Help with sign jar files #177

Closed carlosspohr closed 8 months ago

carlosspohr commented 8 months ago

Hi there,

Yes, I know this library doesn't support JAR files, but I got stuck after we bought a new Code Sign EV certificate in token format, and this one was installed on the Google HSM/KMS platform.

Searching the web, all content about signing applications points to this library, and I really don't know what I can do to solve this.

With the older format, I had a simple Ant task to sign all my jars, like this:

<target name="task.sign.jars">
    <signjar 
        alias="my-alias" 
        keystore="my-keystore.jks" 
        keypass="123456" 
        storepass="123456"
        tsaurl="http://timestamp.digicert.com"
        lazy="true">
        <path>
            <fileset dir="${deploy.dir}/jars/" includes="**/*.jar" />
        </path>
    </signjar>
</target>

I tried to do the same using your library, but I got an error about unsupported file format:

jsign --storetype GOOGLECLOUD --storepass <api-access-token> --keystore <ks_name> --alias <alias> --certfile public-key.pem app.jar

Could anyone help me or suggest some content so I can sign my jar files?

Or is there a Jenkins plugin that does this?

Or, is it possible to create a new JKS to continue to use the ant task above?

What I have: