search

kaikramer / keystore-explorer

KeyStore Explorer is a free GUI replacement for the Java command-line utilities keytool and jarsigner.
https://keystore-explorer.org/
GNU General Public License v3.0
1.7k stars 275 forks source link

Allow to open signed JARs and examine the certificate chain or validate #221

Closed ecki closed 2 years ago

ecki commented 4 years ago

Is your feature request related to a problem? Please describe.

The jarsigner -verify is pretty limited to inspect the used certificates, chains and signatures. You can manually export the certificate entry and look at the cert chain, but it would be good if opening a JAR file can detect that automatically.

Describe the solution you'd like The "Examine File" should recognize jar files and offer all contained keys chains to view. (Optionally to validate the signature and digests from manifest.)

Describe alternatives you've considered jarsigner might be hard to change as its a very regulated tool.

Additional context I had to look at the certificate chain of a signed jar as it changed to to the expored UserTrust CA and that was not possible with the verbose output of jarsigner tool.

Colbix commented 3 years ago

@kaikramer I believe this was introduced with the PR #276.

kaikramer commented 3 years ago

Well, actually this is a duplicate of #132, but that is done already for 5.5.0 as well

kaikramer commented 2 years ago

Closing tickets in preparation for release of KSE 5.5.0