Use the jarsigner command

this section provides examples of how you use the jarsigner command to sign a jar file and verify the signature of a signed jar file sign a java archive (jar) file before performing the following steps to sign a java archive (jar) file ( example jar , in this case), ensure that the keys stored on the {{k3}} that you need for signing are accessible run the following command to go to the $java home/bin directory cd $java home/bin run the following keytool command to list all of the keys on the {{k}} that the configured identity has access to keytool keystore none storetype pkcs11 providerclass sun security pkcs11 sunpkcs11 providername sunpkcs11 futurex list the response should be similar to the following keystore type pkcs11 keystore provider futurex your keystore contains 2 entries jarsignerdemo, privatekeyentry, certificate fingerprint (sha 256) 1f 1f 44 11\ c2 6c 35 93\ b8\ df\ d9 32 8a 39 2d 96 99 42\ da\ df 39\ d5\ f3\ d0 93\ ea 77 91 5a\ ed 80\ ce jarsignerdemoca, trustedcertentry, certificate fingerprint (sha 256) 9f\ b7 23 3c 20 5a 4b 59\ c1 25\ f9 11 76 21\ ea 6e 4a 79\ ef 1a 6c 17 45\ a6\ d8 37 1c 59\ e2 6b\ c3 02 change directory to the same directory that contains the example jar file after you confirm the keys needed for code signing are accessible and change to the directory with the example jar file, run the following command to sign a jar file by using the {{k}} stored keys jarsigner keystore none storetype pkcs11 providerclass sun security pkcs11 sunpkcs11 providername sunpkcs11 futurex signedjar demo signed jar example jar jarsignerdemo the last field in the preceding jarsigner command, jarsignerdemo , must match the alias you specified in the keytool importcert command in the previous section refer to the oracle documentation about other jarsigner command flags such as tsa and tsacert if the signing succeeds, the response includes a confirmation message that says jar signed verify the signature of a signed jar file the jarsigner command in the previous section returned a signed jar file, demo signed jar now, run the following command to verify the signature of that file jarsigner verify demo signed jar verbose certs if the verification succeeds, the response includes a confirmation message jar verified