TechQA.

Looking for help to use Google Cloud HSM with jarsigner to sign jar files

359 views Asked by At

I need to sign jar files using Google Cloud HSM. The standard tool for signing jar files that comes with the JDK is jarsigner. I see that AWS Cloud HSM has documentation on using AWS Cloud HSM with jarsigner to sign jar files.

https://docs.aws.amazon.com/cloudhsm/latest/userguide/keystore-third-party-tools.html

However, I could not find any documentation directly addressing how to use Google Cloud HSM with jarsigner to sign jar files. If there is no native support for this in Google Cloud HSM, what would be required to make jarsigner work with Google Cloud HSM to do the jar signing? Any pointers are welcome.

jarsigner jar-signing
Original Q&A
1

There are 1 answers

1
Emmanuel Bourg On

Jsign provides a JCA provider that can be used with jarsigner to sign with a Google Cloud HSM key (disclaimer: I'm the author of this project).

The syntax looks like this:

jarsigner -J-cp -Jjsign-5.1-SNAPSHOT.jar -J--add-modules -Jjava.sql \
           -providerClass net.jsign.jca.JsignJcaProvider \
           -providerArg projects/first-rain-123/locations/global/keyRings/mykeyring \
           -keystore NONE \
           -storetype GOOGLECLOUD \
           -storepass <api-access-token> \
           -certchain certificate-chain.pem \
           application.jar <keyname>

Related Questions in JARSIGNER

Related Questions in JAR-SIGNING

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions