Skip to main content
Skip table of contents

Using Signum with Maven

Using the Jarsigner plugin for Maven https://maven.apache.org/plugins/maven-jarsigner-plugin/usage.html it is possible to sign artifacts during packaging using the Signum Linux Agent.

List Keys

With the agent installed and a user logged in run keytool to list key objects.

CODE
keytool -list -storetype PKCS11 -providerClass sun.security.pkcs11.SunPKCS11 -providerArg ~/keyfactorpkcs11.cfg -storepass NONE

Will return objects like:

CODE
Keystore type: PKCS11
Keystore provider: SunPKCS11-KeyfactorPKCS11
 
Your keystore contains 1 entry
 
3AB5BFB91DFBB46CF765D5BEE51429618C4857DD - Certificate, PrivateKeyEntry,
Certificate fingerprint (SHA-256): 97:58:8B:1B:C4:D5:19:3C:C6:5F:3F:4A:73:11:53:17:98:D4:A7:E9:FD:A3:3D:88:B0:9F:09:EB:77:D9:23:F0

Configuration

In the pom.xml configuration use:

CODE
<configuration>
     <keystore>NONE</keystore>
     <alias>3AB5BFB91DFBB46CF765D5BEE51429618C4857DD - Certificate</alias>
     <storepass>NONE</storepass>
     <providerClass>sun.security.pkcs11.SunPKCS11</providerClass>
     <storetype>PKCS11</storetype>
     <providerArg>~/keyfactorpkcs11.cfg</providerArg>
     <tsa>http://some-tsa-example</tsa>
</configuration>
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.