After verifying your certificate request, you can download your certificate files and use them to sign your Java code.
ZIP file you download.
PEM file to something easier to type, for example
PEM file to the place where you created your keystore.
bin directory of your JDK installation—for example:
C:\Program Files\java\jdkversion number\bin
If you're using Windows, you must complete the following steps before you can install the certificate and sign your code.
cmd as an administrator.
cd C:\Program Files\java\jdkversion number\bin
keytool -importcert -file mycert.pem -keystore codesignstore
jarsigner -verbose -keystore codesignstore -tsa http://tsa.starfieldtech.com/ your jar file.jar codesigncertWindows users might need to use the full paths to their keystore (
jarsigner -verify -verbose -certs your jar file.jar
If everything worked, you'll see jar verified.
You should expect to see "This jar contains entries whose certificate chain is not validated." The presence of this warning does not indicate that your certificate won't work.