Exchanging Files |
Before signing the
Contract.jar
JAR file containing thecontract
file, you need to generate keys, if you don't already have suitable keys available. The private key is needed to sign the JAR file, and the corresponding public key is needed by the contract receiver to verify the signature.This lesson assumes that you don't yet have such keys. You are going to create a keystore named
stanstore
and create an entry with a newly generated public/private key pair (with the public key in a certificate).Now pretend that you are Stan Smith and that you work in the legal department of XYZ corporation. Type the following in your command window to create a keystore named
stanstore
and to generate keys for Stan Smith:keytool -genkey -alias signLegal -keystore stanstoreYou will be prompted for the keystore password, your distinguished-name information, and the key password. Following are the prompts; the bold indicates what you should type.
Enter keystore password: balloon53 What is your first and last name? [Unknown]: Stan Smith What is the name of your organizational unit? [Unknown]: Legal What is the name of your organization? [Unknown]: XYZ What is the name of your City or Locality? [Unknown]: New York What is the name of your State or Province? [Unknown]: NY What is the two-letter country code for this unit? [Unknown]: US Is <CN=Stan Smith, OU=Legal, O=XYZ, L=New York, ST=NY, C=US> correct? [no]: y Enter key password for(RETURN if same as keystore password): cat876 The preceding
keytool
command creates the keystore namedstanstore
in the same directory in which the command is executed (assuming that the specified keystore doesn't already exist) and assigns it the passwordballoon53
. The command generates a public/private key pair for the entity whose distinguished name has a common name of Stan Smith and an organizational unit of Legal.The self-signed certificate created includes the public key and the distinguished-name information. (A self-signed certificate is one signed by the private key corresponding to the public key in the certificate.) This certificate will be valid for 90 days, the default validity period if you don't specify a -validity option. The certificate is associated with the private key in a keystore entry referred to by the alias
signLegal
. The private key is assigned the passwordcat876
.
Exchanging Files |