Exchanging Files [Tools] |
The steps you take as the contract sender are shown below.
Note: The steps in this lesson for the contract sender are basically the same as those listed for a code signer in the Signing Code and Granting It Permissions [Tools] lesson, except that here you are pretending to be Stan Smith (rather than Susan Jones) and you are storing a data file rather than a class file in the JAR file to be signed.
The steps are:
- Create a JAR File Containing the Contract, using the jar tool.
- Generate Keys (if they don't already exist), using the keytool
-genkey
command.
Optional Step: Generate a Certificate Signing Request (CSR) for the Public Key Certificate, and import the response from the Certification Authority (CA). For simplicity (and since you are only pretending to be Stan Smith), this step is omitted. See API and Tools Use for Secure Code and File Exchanges for more information.
- Sign the JAR File, using the jarsigner tool and the private key generated in Step 2.
- Export the Public Key Certificate, using the keytool
-export
command. Then supply the signed JAR file and the certificate to the receiver Ruth.
Exchanging Files [Tools] |