Uploaded image for project: 'Maven JAR Plugin'
  1. Maven JAR Plugin
  2. MJAR-112

Sign using a PKCS11 token

Agile BoardAttach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Critical
    • Resolution: Won't Fix
    • 2.2
    • None
    • sign
    • None

    Description

      For the moment one can only sign using a software keystore. But for production builds your private key is often stored on some smart card device like an eToken. It would be useful if you could configure the maven-jar-plugin to run something similar to:
      jarsigner -keystore NONE -storetype PKCS11 -providerClass sun.security.pkcs11.SunPKCS11 -providerArg etoken.config the_jar_to_sign.jar ALIAS_XYZ

      Where my etoken.config file contains:
      name=eToken
      library=/usr/lib/libeTPkcs11.so

      Attachments

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            bentmann Benjamin Bentmann
            fcorneli Frank Cornelis
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment