The document discusses Java jar signing which allows jars to be signed with certificates to ensure they are from a trusted source and have not been tampered with. It describes the keytool and jarsigner commands used to generate keys, certificates, sign jars and verify signatures. This process involves creating a CA certificate, generating a keystore containing developer keys and certificates signed by the CA, using jarsigner to sign jars with the developer key, and importing the CA certificate so security managers can validate signed jars.
CIS14: Best Practices You Must Apply to Secure Your APIsCloudIDSummit
Scott Morrison, CA Technologies
Good practices to put in place and the common security antipatterns you must avoid to ensure your company’s APIs are reliable, safe and secure; includes top ways hackers exploit APIs in the wild, common identity pitfalls and how to avoid them, why OAuth scopes are essential to master, and how to keep web developers from bringing bad habits with them.
CIS14: Best Practices You Must Apply to Secure Your APIsCloudIDSummit
Scott Morrison, CA Technologies
Good practices to put in place and the common security antipatterns you must avoid to ensure your company’s APIs are reliable, safe and secure; includes top ways hackers exploit APIs in the wild, common identity pitfalls and how to avoid them, why OAuth scopes are essential to master, and how to keep web developers from bringing bad habits with them.
Identity theft: Developers are key - JFokus 2017Brian Vermeer
Identity theft is perhaps the most concerning kind of Cybercrime nowadays. The most concerning aspect of identity theft is that once you are a victim it is hard to get rid of the consequences. Although as developers we are probably well aware of the risks towards cybercrime and identity theft in particular, in many parts we as developers play a big role in making identity theft happen. It is not only about how secure is your program, but how aware are you? Or better said how naive are we in practice as developers in this big bad world.
Handling user passwords safely is hard, but replacing passwords on the web in a reasonable way is even harder. Really, this should have been in the browser all along. In this talk you we will see how Persona attempts to solve this issue.
Speaker: Tom Spitzer, Vice President, Engineering, EC Wise, Inc.
Session Type: 40 minute main track session
Level: 200 (Intermediate)
Track: Security
MongoDB Community Server provides a wide range of capabilities for securing your MongoDB installation. In this session, we will focus on access control features, including authentication and authorization mechanisms, that enable you to enforce a least privilege model on user accounts. We will also discuss strategies for enabling and maintaining service and application accounts. Next we will present the encryption capabilities that are available in the community edition and discuss their benefits and possible shortcomings. Finally, we will talk about application level protections your developers can implement to keep risky code from getting to your MongoDB instance.
What You Will Learn:
- The workings of the MongoDB User Management Interface, the Authentication Database, basic Authentication mechanisms (SCRAM-SHA-1 and certificates), Roles, and Role Based Access controls – plus best practices for using these features to improve the security of your database.
- How to use TLS/SSL for transport encryption, application encryption options, and field level redaction.
- How injection attacks work and how to minimize the risk of injection attacks.
Passwords suck, but centralized proprietary services are not the answerFrancois Marier
Passwords are a big problem online and a lot of websites have turned to centralized services to handle logins for them. It's a disturbing trend from a privacy/surveillance point of view, but from a software freedom point of view, it's also turning these proprietary services into core dependencies.
That's why Mozilla is building Persona, a new federated and cross-browser system which makes identity a standard part of the browser. It's simple, privacy-sensitive and entirely free software.
Persona: in your browsers, killing your passwordsFrancois Marier
Introduction to Persona, a new cross-browser login system for the web that's built entirely in Javascript. Powered by node.js on the backend, it pushes most of the crypto to the browser in order to create a secure and privacy-sensitive experience.
The Web beyond "usernames & passwords" (OSDC12)Francois Marier
Identity systems on the Web are a bit of a mess. Surely in 2012, we would have something else than usernames and passwords for logging into websites. A solution that doesn't require trusting a central authority with a privacy policy that can change at a whim.
It turns out that solving the general identity problem is very hard. Some of these solutions require complicated redirections, an overwhelming amount of jargon and lots of verbose XML. The technology has been around for a long time, but implementing it properly (and safely) is often incredibly difficult. It's a lot to ask of the millions of part-time developers out there that are building sites out of some quick HTML, a MySQL database and some PHP Code samples.
This talk will explore the challenges of the existing Web identity solutions and introduce the choices that we made during the development of Persona, a new Open Source federated identity solution from Mozilla, designed and built to respect user privacy.
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...MITRE ATT&CK
From ATT&CKcon 3.0
By Jason Wood and Justin Swisher, CrowdStrike
When it comes to understanding and tracking intrusion tradecraft, security teams must have the tools and processes that allow the mapping of hands-on adversary tradecraft. Doing this enables your team to both understand the adversaries and attacks you currently see and observe how these adversaries and attacks evolve over time. This session will explore how a threat hunting team uses MITRE ATT&CK to understand and categorize adversary activity. The team will demonstrate how threat hunters map ATT&CK TTPs by showcasing a recent interactive intrusion against a Linux endpoint and how the framework allowed for granular tracking of tradecraft and enhanced security operations. They will also take a look into the changes in the Linux activity they have observed over time, using the ATT&CK navigator to compare and contrast technique usage. This session will provide insights into how we use MITRE ATT&CK as a powerful resource to track intrusion tradecraft, identify adversary trends, and prepare for attacks of the future.
OTN tour 2015 Experience in implementing SSL between oracle db and oracle cli...Andrejs Vorobjovs
Experience in implementing SSL between Oracle DB and Oracle Clients" - presentation will explain how to configure implement SSL between Oracle DB/Client
Cross-Platform Authentication with Google+ Sign-InPeter Friese
This presentations outlines how Google+ Sign-In allows your users to sign in once and then be signed in seamlessly across all of your apps. The session takes a look at Google+ Sign-in authentication models and highlights common pitfalls and best practices.
Every Android application has its own unique identity, typically inherited from the corporate developer’s identity. In July 2014, the Bluebox Security research team, Bluebox Labs, released the details of a new vulnerability discovered in Android, which allows these identities to be copied and used for nefarious purposes.
Dubbed “Fake ID,” the vulnerability allows malicious applications to impersonate specially recognized trusted applications without any user notification. This can result in a wide spectrum of consequences. For example, the vulnerability can be used by malware to escape the normal application sandbox and take one or more malicious actions: insert a Trojan horse into an application by impersonating Adobe Systems; gain access to NFC financial and payment data by impersonating Google Wallet; or take full management control of the entire device by impersonating 3LM.
This year at Black Hat USA, Jeff Forristal, CTO of Bluebox, presented on Fake ID. His presentation explains the technical details of how the vulnerability works.
Watch a demo of the vulnerability here:
http://offers.bluebox.com/resource-video-fakeID-recording.html?aliId=903578
Identity theft: Developers are key - JFokus 2017Brian Vermeer
Identity theft is perhaps the most concerning kind of Cybercrime nowadays. The most concerning aspect of identity theft is that once you are a victim it is hard to get rid of the consequences. Although as developers we are probably well aware of the risks towards cybercrime and identity theft in particular, in many parts we as developers play a big role in making identity theft happen. It is not only about how secure is your program, but how aware are you? Or better said how naive are we in practice as developers in this big bad world.
Handling user passwords safely is hard, but replacing passwords on the web in a reasonable way is even harder. Really, this should have been in the browser all along. In this talk you we will see how Persona attempts to solve this issue.
Speaker: Tom Spitzer, Vice President, Engineering, EC Wise, Inc.
Session Type: 40 minute main track session
Level: 200 (Intermediate)
Track: Security
MongoDB Community Server provides a wide range of capabilities for securing your MongoDB installation. In this session, we will focus on access control features, including authentication and authorization mechanisms, that enable you to enforce a least privilege model on user accounts. We will also discuss strategies for enabling and maintaining service and application accounts. Next we will present the encryption capabilities that are available in the community edition and discuss their benefits and possible shortcomings. Finally, we will talk about application level protections your developers can implement to keep risky code from getting to your MongoDB instance.
What You Will Learn:
- The workings of the MongoDB User Management Interface, the Authentication Database, basic Authentication mechanisms (SCRAM-SHA-1 and certificates), Roles, and Role Based Access controls – plus best practices for using these features to improve the security of your database.
- How to use TLS/SSL for transport encryption, application encryption options, and field level redaction.
- How injection attacks work and how to minimize the risk of injection attacks.
Passwords suck, but centralized proprietary services are not the answerFrancois Marier
Passwords are a big problem online and a lot of websites have turned to centralized services to handle logins for them. It's a disturbing trend from a privacy/surveillance point of view, but from a software freedom point of view, it's also turning these proprietary services into core dependencies.
That's why Mozilla is building Persona, a new federated and cross-browser system which makes identity a standard part of the browser. It's simple, privacy-sensitive and entirely free software.
Persona: in your browsers, killing your passwordsFrancois Marier
Introduction to Persona, a new cross-browser login system for the web that's built entirely in Javascript. Powered by node.js on the backend, it pushes most of the crypto to the browser in order to create a secure and privacy-sensitive experience.
The Web beyond "usernames & passwords" (OSDC12)Francois Marier
Identity systems on the Web are a bit of a mess. Surely in 2012, we would have something else than usernames and passwords for logging into websites. A solution that doesn't require trusting a central authority with a privacy policy that can change at a whim.
It turns out that solving the general identity problem is very hard. Some of these solutions require complicated redirections, an overwhelming amount of jargon and lots of verbose XML. The technology has been around for a long time, but implementing it properly (and safely) is often incredibly difficult. It's a lot to ask of the millions of part-time developers out there that are building sites out of some quick HTML, a MySQL database and some PHP Code samples.
This talk will explore the challenges of the existing Web identity solutions and introduce the choices that we made during the development of Persona, a new Open Source federated identity solution from Mozilla, designed and built to respect user privacy.
Mapping to MITRE ATT&CK: Enhancing Operations Through the Tracking of Interac...MITRE ATT&CK
From ATT&CKcon 3.0
By Jason Wood and Justin Swisher, CrowdStrike
When it comes to understanding and tracking intrusion tradecraft, security teams must have the tools and processes that allow the mapping of hands-on adversary tradecraft. Doing this enables your team to both understand the adversaries and attacks you currently see and observe how these adversaries and attacks evolve over time. This session will explore how a threat hunting team uses MITRE ATT&CK to understand and categorize adversary activity. The team will demonstrate how threat hunters map ATT&CK TTPs by showcasing a recent interactive intrusion against a Linux endpoint and how the framework allowed for granular tracking of tradecraft and enhanced security operations. They will also take a look into the changes in the Linux activity they have observed over time, using the ATT&CK navigator to compare and contrast technique usage. This session will provide insights into how we use MITRE ATT&CK as a powerful resource to track intrusion tradecraft, identify adversary trends, and prepare for attacks of the future.
OTN tour 2015 Experience in implementing SSL between oracle db and oracle cli...Andrejs Vorobjovs
Experience in implementing SSL between Oracle DB and Oracle Clients" - presentation will explain how to configure implement SSL between Oracle DB/Client
Cross-Platform Authentication with Google+ Sign-InPeter Friese
This presentations outlines how Google+ Sign-In allows your users to sign in once and then be signed in seamlessly across all of your apps. The session takes a look at Google+ Sign-in authentication models and highlights common pitfalls and best practices.
Every Android application has its own unique identity, typically inherited from the corporate developer’s identity. In July 2014, the Bluebox Security research team, Bluebox Labs, released the details of a new vulnerability discovered in Android, which allows these identities to be copied and used for nefarious purposes.
Dubbed “Fake ID,” the vulnerability allows malicious applications to impersonate specially recognized trusted applications without any user notification. This can result in a wide spectrum of consequences. For example, the vulnerability can be used by malware to escape the normal application sandbox and take one or more malicious actions: insert a Trojan horse into an application by impersonating Adobe Systems; gain access to NFC financial and payment data by impersonating Google Wallet; or take full management control of the entire device by impersonating 3LM.
This year at Black Hat USA, Jeff Forristal, CTO of Bluebox, presented on Fake ID. His presentation explains the technical details of how the vulnerability works.
Watch a demo of the vulnerability here:
http://offers.bluebox.com/resource-video-fakeID-recording.html?aliId=903578
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
6. Java keytool
Keytool is the key (key) and certificates (certificates) in the presence of a file called
keystore
keystore
Key entity
Trusted certificate entries
7. Java keytool
Keytool Command
-keystore The file named .keystore in the user's home directory
-alias Create alias. Defalut : "mykey"
-genkey Creating or Adding Data to the Keystore
-keyalg key algorithm name. Defalut : "DSA"
-keysize key bit size. Defalut : 1024
-certreq Generate the Certificate Signing Request (CSR)
-import Imports a certificate or a certificate chain
-list Lists entries in a keystore
-v verbose output
8. Jar signing - Step1
Creating a Sample CA Certificate
openssl req -config c:opensslbinopenssl.cnf -new -x509
-keyout ca-key.pem -out ca-certificate.pem -days 365
Using properties from c:opensslbinopenssl.cnf
Loading ’screen’ into random state: done
Generating a 1024 bit RSA private key
.................++++++
.....................++++++
writing new private key to ’ca-key.pem.txt’
Enter PEM pass phrase:
Verifying password: Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be
incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name
or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ’.’, the field will be left blank.
-----
Country Name (2 letter code) []:US
State or Province Name (full name) []:California
Locality Name (eg, city) []:Monrovia
Organization Name (eg, company) []:Sun
Organizational Unit Name (eg, section) []:Development
Common Name (eg, your websites domain name) []
:development.sun.com
Email Address []:development@sun.com
9. Jar signing - Step2
Create java keystore
keytool –keystore clientkeystore –genkey –alias client
Enter keystore password:
What is your first and last name?
[Unknown]: Jason
What is the name of your organizational unit?
[Unknown]: Jason
What is the name of your organization?
[Unknown]: Jason
What is the name of your City or Locality?
[Unknown]: Jason
What is the name of your State or Province?
[Unknown]: Jason
What is the two-letter country code for this unit?
[Unknown]: US
Is <CN=development.sun.com, OU=Development, O=Sun, L=Monrovia, ST=California, C=US> correct?
[no]: yes
Enter key password for <client>
(RETURN if same as keystore password):
10. Jar signing
Keystore verbose output
keytool -list -v -keystore clientkeystore
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: client
Creation date: 2014/3/7
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Jason, OU=Jason, O=Jason, L=Jason, ST=Jason, C=US
Issuer: CN=Jason, OU=Jason, O=Jason, L=Jason, ST=Jason, C=US
Serial number: 3277605
Valid from: Fri Mar 07 02:21:08 CST 2014 until: Thu Jun 05 02:21:08 CST 2014
12. Jar signing - Step4
Generate a signed certificate for the associated Certificate Signing Request.
openssl x509 -req -CA ca-certificate.pem -CAkey ca-key.pem.txt -in client.csr -out
client.cer -days 365 -CAcreateserial
13. Jar signing - Step5
Use the keytool to import the CA certificate into the client keystore
keytool -import -keystore clientkeystore -file ca-certificate.pem -alias theCARoot
14. Jar signing
Keystore verbose output
Alias name: thecaroot
Creation date: 2014/3/7
Entry type: trustedCertEntry
Owner: EMAILADDRESS=development@sum.com, CN=development.sum.com, OU=Development, O=Sun, L=Monrovia, ST=California,
C=US
Issuer: EMAILADDRESS=development@sum.com, CN=development.sum.com, OU=Development, O=Sun, L=Monrovia, ST=California,
C=US
Serial number: cd1836b5bb6f8295
Valid from: Thu Feb 20 18:39:57 CST 2014 until: Fri Feb 20 18:39:57 CST 2015
15. Jar signing - Step6
Use the keytool to import the signed certificate for the associated client alias in the
keystore.
keytool –import –keystore clientkeystore –file client.cer –alias client
16. Jar signing
Keystore verbose output
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 2 entries
Alias name: client
Creation date: 2014/3/7
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=Jason, OU=Jason, O=Jason, L=Jason, ST=Jason, C=US
Issuer:
EMAILADDRESS=development@sum.com, CN=development.sum.com, OU=Development, O=Sun, L=Monrovia, ST=California, C=US
Serial number: 86848dcdcc6a2971
Valid from: Fri Mar 07 02:36:08 CST 2014 until: Sat Mar 07 02:36:08 CST 2015
Certificate[2]:
Owner:
EMAILADDRESS=development@sum.com, CN=development.sum.com, OU=Development, O=Sun, L=Monrovia, ST=California, C=US
Issuer: EMAILADDRESS=development@sum.com, CN=development.sum.com, OU=Development
, O=Sun, L=Monrovia, ST=California, C=US
Serial number: cd1836b5bb6f8295
17. Jar signing - Step7
Generates signatures for Java ARchive (JAR) files
jarsigner -keystore clientkeystore SignedApplet.jar client
18. Jar signing
Verifying a Signed JAR File
jarsigner -verify -verbose SignedApplet.jar
s 169 Fri Mar 07 13:59:24 CST 2014 META-INF/MANIFEST.MF
320 Fri Mar 07 13:59:24 CST 2014 META-INF/CLIENT.SF
1997 Fri Mar 07 13:59:24 CST 2014 META-INF/CLIENT.DSA
0 Mon Feb 21 19:29:40 CST 2011 META-INF/
sm 2206 Mon Feb 21 19:29:36 CST 2011 SignedApplet.class
s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
jar verified.
19. Jar signing - Step8
Go to「Java Control Panel」→「Security Tab 」→ 「Manage Certificates」
Import ca-certificate.pem file