After verifying your certificate request, you can download your certificate files and use them to sign your Java code.
ZIPfile you download.
PEMfile to something easier to type, for example
PEMfile to the place where you created your keystore.
bindirectory of your JDK installation—for example:
C:\Program Files\java\jdkversion number\bin
If you're using Windows, you must complete the following steps before you can install the certificate and sign your code.
cmdas an administrator.
cd C:\Program Files\java\jdkversion number\bin
keytool -importcert -file mycert.pem -keystore codesignstore
jarsigner -verbose -keystore codesignstore -tsa http://tsa.starfieldtech.com/ your jar file.jar codesigncertWindows users might need to use the full paths to their keystore (
jarsigner -verify -verbose -certs your jar file.jar
If everything worked, you'll see jar verified.
You should expect to see "This jar contains entries whose certificate chain is not validated." The presence of this warning does not indicate that your certificate won't work.