Signing a JAR File

The Process Engine requires that you digitally sign a custom Step Processor Java ARchive (JAR) file with a Netscape Object Signing Certificate. You can use a single certificate to sign as many Process application JAR files as needed.

Note The default JAR files provided with your Process Development Environment are signed with a Netscape Object Signing Certificate, which is the only one tested by FileNet for signing custom Step Processor JAR files. Developers can obtain a digital certificate to sign their JAR files from either VeriSign Inc. (http://digitalid.verisign.com/developer/nos_pick.htm) or Thawte Consulting (http://www.thawte.com/).

Signing a Java ARchive (JAR) File

The following procedure describes how to create a JAR file signed with the Netscape Object Signing Certificate. This procedure describes how to use the Netscape signing tool (signtool). For additional information, visit the Netscape Developer's Site (http://developer.netscape.com/software/signedobj/jarpack.html).

  1. Create a new directory on your development system. For example, C:\certificate.
  2. Copy the files supplied by VeriSign or Thawte to the new directory.
  3. Create a second new directory. For example, C:\Sign.
  4. Extract the JAR file contents to the second directory (for example, to C:\Sign). Be sure you include the MANIFEST.MF file in a META-INF subdirectory of the second directory; for example, place the MANIFEST.MF file in the C:\Sign\META-INF directory.
  5. Open a command prompt, and change to the directory directly above your C:\sign directory. For example, C:\.
  6. Enter a command similar to the following:

    C:\certificate\signtool -d"C:\certificate" -k"<Your_company_name>" -Z"<Your_jar_file_name>" -p"<Your_password>" sign

where <Your_company_name> is the company name as stated by your certificate provider, <Your_jar_file_name> is the name you wish to give the JAR file, <Your_password> is your password supplied by your certificate provider, and sign is the name of the directory containing the files to be included in the signed JAR file.

  1. Once signtool finishes, verify that the JAR was signed properly by entering the following command:

    C:\certificate\signtool -d"C:\certificate" -w Your_jar_file_name

where Your_jar_file_name is the name given to the JAR file.