views:

30

answers:

1

I have imported a certificate into a private ~/.keystore file:

keytool -list
Enter keystore password:

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

mylyn-mantis, Jul 15, 2010, trustedCertEntry

and am trying to sign a jar with it, but I get a 'certificate chain not found' error.

jarsigner -verbose  /home/robert/file.jar mylyn-mantis
jarsigner: Certificate chain not found for: mylyn-mantis.  mylyn-mantis must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.

How can I solve this problem?

+1  A: 

It seems that your keystore contains only a certificate (public key) you need a complete key entry, with a private key, and the whole certificate chain to be able to sign anything

Maurice Perry
Thanks. I received this certificate from a CA . How can I generate a private key to go with it?
Robert Munteanu
This must be done upfront: you must generate a key pair, with a self-signed certificate, then request a signature for your certificate to your CA.
Maurice Perry
Makes sense, thank you.
Robert Munteanu