Jarsigner error java lang runtimeexception keystore load invalid keystore format

Signing a jar file

Guys, I’ve googled the crap out of this one. I need some help signing a jar file.

Here is what I’m doing:

1. Generating a key: 2. Trying to sign the jar file: Here is the error I’m getting: I’m using Ubuntu Linux.
I wrote and built my project with Netbeans.

These instructions have worked for me in the recent past.

If I’m understanding it correctly, you have to buy certificates to use the methods in this link.
I really don’t want to purchase a certificate.

I’m just writing a program to be used within my company. The application will be hosted on a server, and I need it to have read/write permissions when it is loaded via WebStart to a client computer within the company.

Do I have to purchase a certificate for that?

I thought keytools and jarsigner should be sufficient. Am I misunderstanding it?

Just skip the external cert steps if you want to self-sign. It works.

If your app presented a self-signed cert to me, and I didn’t know you and trust you, I wouldn’t accept your app.

Could you please help me out with some specifics?

Here’s what I’ve tried:
keytool -selfcert -genkey -dname «cn=Your Name Here» -alias -keystore keystore

This returns an error saying it does not recognize -genkey. If I pull genkey out, it doesn’t do anything.

I’m new to java and new to the certification protocol. I’ve got about five hours now into figuring it out, and I don’t think I’m any closer than when I first begun.

Here is what the latest process looks like. What am I doing wrong?

/Desktop$ keytool -genkey -alias thomasaaron -keystore myKeyStore
Enter key store password: password1
Enter key password for : password2

You are about to enter information that will be incorporated into
your certificate request. This information is what is called a
Distinguished Name or DN. There are quite a few fields but you
can use supplied default values, displayed between brackets, by just
hitting , or blank the field by entering the character
before hitting .

Common Name (hostname, IP, or your name): Thomas Aaron
Organization Name (company) [The Sample Company]: Tom’s Company
Organizational Unit Name (department, division): Tom’s Department
Locality Name (city, district) [Sydney]: TommyLand
State or Province Name (full name) [NSW]: Colorado
Country Name (2 letter code) [AU]: US
[email protected]:

Источник

Jarsigner error java lang runtimeexception keystore load invalid keystore format

Hi, folks. I’ve got a problem getting an application to run with WebStart.

It is an application (not an applet).
I created a jnlp file that WILL successfully launch it — as long as I don’t put security tags in it. With security tags, I get this message when I try to launch it:

Unsigned application requesting unrestricted access to system.
and then it lists my .jar file.

Note: I actually DO want it to have unrestricted access.

So, I followed these directions from this page: http://java.sun.com/developer/technicalArticles/Programming/jnlp/

# Second, create a key in the keystore (or use one you already have). You’ll be prompted for information like first name and last. You should at least fill in that information.

keytool -genkey -keystore myKeys -alias jdc
# Third, sign the JAR. Be sure to remember your password from the previous step.

jarsigner -keystore myKeys JNLPTime.jar jdc

When I run that last command, I get this error:

jarsigner error: java.lang.RuntimeException: keystore load: Invalid keystore format

I’ve done some googling on it, and I’m thinking it might be a version problem (I’ve had those with Java before). But if that is indeed the problem, I’ve not been able to figure out how to solve it.

NOTE: I wrote and compiled the application with Netbeans. Everything else I am doing from the command line.

Thanks for your help,
Tom

These are the steps I did to self sign my own jar files:

Step 1 make a key:
keytool -genkey
Step 2 make a certificate:
keytool -selfcert
Step 3 sign jar files
jarsigner foo.jar mykey

Thank you. I’ll give that a try.

Guys, this is killing me! I’ve got about 10 hours into trying to get this to work so far.

Here is the latest effort (trying to follow the above directions). What am I doing wrong?

/Desktop$ keytool -genkey -keystore myKeyStore -keyalg RSA -alias thomasaaron
Enter key store password: password1
Enter key password for : password2

You are about to enter information that will be incorporated into
your certificate request. This information is what is called a
Distinguished Name or DN. There are quite a few fields but you
can use supplied default values, displayed between brackets, by just
hitting , or blank the field by entering the character
before hitting .

Common Name (hostname, IP, or your name): Tom
Organization Name (company) [The Sample Company]: Tom
Organizational Unit Name (department, division): Tom
Locality Name (city, district) [Sydney]: Denver
State or Province Name (full name) [NSW]: Colorado
Country Name (2 letter code) [AU]: US
thomasaaron@ubuntu:

/Desktop$ keytool -selfcert -keystore myKeyStore -alias thomasaaron
Enter key store password: password1
Enter key password for : password2
keytool error: java.lang.IllegalStateException: not encrypted
thomasaaron@ubuntu:

At this point, the keystore that I created in the first step is hosed by the second step. It is turned into a regular, unencrypted, empty text file.

I’ve tried numerous switches (-dname, etc. ). All have the same result.

I’ve tried several different tutorials on the net, but all of them give me a «keystore in wrong format» error.

Here is a list of the tutorials I’ve tried:
http://java.sun.com/j2se/1.4.2/docs/guide/plugin/developer_guide/rsa_signing.html#signing_applets
http://saloon.javaranch.com/cgi-bin/ubb/ultimatebb.cgi?ubb=next_topic&f=23&t=004049&go=newer
http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html
http://java.sun.com/j2se/1.3/docs/tooldocs/win32/keytool.html
http://forum.java.sun.com/thread.jspa?threadID=152882&messageID=469592
http://archives.java.sun.com/cgi-bin/wa?A2=ind0401&L=jini-users&P=12474

Guys, I realize I’m probably missing something basic here.
I just want to self-sign this application so I can put it on my home web server and run it from work via webstart. It will require all-permissions.

As fate would have it, /usr/bin/keytools was symlinked to the GUN java library’s keytools, instead of jdk’s keytools.

Man, my head is killing me after beating it on that wall! ](*,)
(I’ve always wanted to use that emoticon.)

Now maybe I can actually get on with some programming!

Источник

Thread: Running an application with Webstart (JAVA)

Thread Tools

Display

Running an application with Webstart (JAVA)

Hi, folks. I’ve got a problem getting an application to run with WebStart.

It is an application (not an applet).
I created a jnlp file that WILL successfully launch it — as long as I don’t put security tags in it. With security tags, I get this message when I try to launch it:

and then it lists my .jar file.

Note: I actually DO want it to have unrestricted access.

# Second, create a key in the keystore (or use one you already have). You’ll be prompted for information like first name and last. You should at least fill in that information.

I’ve done some googling on it, and I’m thinking it might be a version problem (I’ve had those with Java before). But if that is indeed the problem, I’ve not been able to figure out how to solve it.

NOTE: I wrote and compiled the application with Netbeans. Everything else I am doing from the command line.

Thanks for your help,
Tom

To err is human, to forgive is very . dog-like.

Re: Running an application with Webstart (JAVA)

To err is human, to forgive is very . dog-like.

Re: Running an application with Webstart (JAVA)

OK. I won’t bumb any more after this. Calling all java experts.

To err is human, to forgive is very . dog-like.

Re: Running an application with Webstart (JAVA)

These are the steps I did to self sign my own jar files:

Step 1 make a key:
keytool -genkey
Step 2 make a certificate:
keytool -selfcert
Step 3 sign jar files
jarsigner foo.jar mykey

Tim Berners-Lee on Net Neutrality
————————————-
Visit the Ubuntu Programming IRC-channel at #ubuntu-programming (chat.freenode.net).

Re: Running an application with Webstart (JAVA)

Thank you. I’ll give that a try.

To err is human, to forgive is very . dog-like.

Re: Running an application with Webstart (JAVA)

Guys, this is killing me! I’ve got about 10 hours into trying to get this to work so far.

Here is the latest effort (trying to follow the above directions). What am I doing wrong?

/Desktop$ keytool -genkey -keystore myKeyStore -keyalg RSA -alias thomasaaron
Enter key store password: password1
Enter key password for : password2

You are about to enter information that will be incorporated into
your certificate request. This information is what is called a
Distinguished Name or DN. There are quite a few fields but you
can use supplied default values, displayed between brackets, by just
hitting , or blank the field by entering the character
before hitting .

Common Name (hostname, IP, or your name): Tom
Organization Name (company) [The Sample Company]: Tom
Organizational Unit Name (department, division): Tom
Locality Name (city, district) [Sydney]: Denver
State or Province Name (full name) [NSW]: Colorado
Country Name (2 letter code) [AU]: US
thomasaaron@ubuntu:

/Desktop$ keytool -selfcert -keystore myKeyStore -alias thomasaaron
Enter key store password: password1
Enter key password for : password2
keytool error: java.lang.IllegalStateException: not encrypted
thomasaaron@ubuntu:

At this point, the keystore that I created in the first step is hosed by the second step. It is turned into a regular, unencrypted, empty text file.

I’ve tried numerous switches (-dname, etc. ). All have the same result.

I’ve tried several different tutorials on the net, but all of them give me a «keystore in wrong format» error.

Guys, I realize I’m probably missing something basic here.
I just want to self-sign this application so I can put it on my home web server and run it from work via webstart. It will require all-permissions.

To err is human, to forgive is very . dog-like.

Источник

keystore load: Keystore was tampered with, or password was incorrect #35178

I’m gonna kill myself hahahaha.. i tried many solutions but no one works,

but every time i run the build command i get this 🤣

The text was updated successfully, but these errors were encountered:

I am getting the same issue. I know the password of my store and key because I can change it, but it does not decrypt.

Actually, I figured out the issue. In my case, I copied the key from elsewhere, but I was changing the password in the original location. Check that you are not doing the same.

@JonathanWilbur can you please explain how..i didn’t understand what you mean by copying key from elsewhere

but before that.. thank you so much for considering my issue

@JonathanWilbur can you please explain how..i didn’t understand what you mean by copying key from elsewhere

cp C:UsersJonathankey.jks .androidappkey.jks

@JonathanWilbur is till getting the same error 😣

1- Create the key at the /android/app folder.
2- To create the key remove the ‘

‘ from the code provided in the flutter guide
From: keytool -genkey -v -keystore

/key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias key
To: keytool -genkey -v -keystore key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias key
3- Do not use quotes to wrap around variables in the key.properties file. So here is an example:

try flutter clean

We have to do flutter clean every time we change the values

thanks for ur suggestion, my problem is sloved,even I don’t know why I have to generate key.jks in my ‘android/app’ folder,hahahahah

1- Create the key at the /android/app folder.
2- To create the key remove the ‘

‘ from the code provided in the flutter guide
From: keytool -genkey -v -keystore

/key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias key
To: keytool -genkey -v -keystore key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias key
3- Do not use quotes to wrap around variables in the key.properties file. So here is an example:

Thanks very much. I have solved this issue.

Cool, I think it’s safe to close the issue.

This thread has been automatically locked since there has not been any recent activity after it was closed. If you are still experiencing a similar issue, please open a new bug, including the output of flutter doctor -v and a minimal reproduction of the issue.

© 2023 GitHub, Inc.

You can’t perform that action at this time.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.

Источник

Invalid keystore format and ‘keytool genkey’ issues during Jar signing

I have been working on creating keystores and signing jars today, and have run into some interesting finding, and some interesting but obscure errors during this process.

I have the following maven plugin that I wanted to use to sign my jar with my keystore certificate:

 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-jar-plugin</artifactId>
 <version>${plugin-jar-version}</version>
 <executions>
 <execution>
 <goals>
 <goal>sign</goal>
 </goals>
 </execution>
 </executions>
 <configuration>
 <keystore>src/main/keystore</keystore>
 <alias>3166_javaee</alias>
 <storepass>3166_javaee</storepass>
 <signedjar>${project.build.directory}/signed/${project.build.finalName}.jar</signedjar>
 <verify>true</verify>
 </configuration>
 </plugin>

Running this maven command:

mvn clean install -e

Before I created the keystore.

Then I run the jar signing with a missing keystore, then I get the following error:

[INFO]
[INFO] --- maven-jar-plugin:2.3.1:jar (default-jar) @ chapter02 ---
[INFO] Building jar: C:usrSYNCHPACKT3166Chapters_Codech02targetchapter02-1.0.2.jar
[INFO]
[INFO] --- maven-jar-plugin:2.3.1:sign (default) @ chapter02 ---
[INFO] jarsigner error: java.lang.RuntimeException: keystore load: C:usrSYNCHPACKT3166Chapters_Codech02srcmainkeystore (The system cannot find the file specified)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 12.110s
[INFO] Finished at: Sat Feb 12 09:47:26 EST 2011
[INFO] Final Memory: 12M/29M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-jar-plugin:2.3.1:sign (default) on project chapter02: Result of cmd.exe /X /C "C:usrbinJavajdk1.6.0_23jre..
binjarsigner.exe -keystore src/main/keystore -storepass 3166_javaee -signedjar C:usrSYNCHPACKT3166Chapters_Codech02targetsignedchapter02-1.0.2.jar C:usrSYNCHPACK
T3166Chapters_Codech02targetchapter02-1.0.2.jar 3166_javaee" execution is: '1'. -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.apache.maven.plugins:maven-jar-plugin:2.3.1:sign (default) on project chapter02: Result of c
md.exe /X /C "C:usrbinJavajdk1.6.0_23jre..binjarsigner.exe -keystore src/main/keystore -storepass 3166_javaee -signedjar C:usrSYNCHPACKT3166Chapters_Codech02tar
getsignedchapter02-1.0.2.jar C:usrSYNCHPACKT3166Chapters_Codech02targetchapter02-1.0.2.jar 3166_javaee" execution is: '1'.
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:217)
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
 at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:84)
 at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:59)
 at org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183)
 at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161)
 at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:319)
 at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156)
 at org.apache.maven.cli.MavenCli.execute(MavenCli.java:534)
 at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196)
 at org.apache.maven.cli.MavenCli.main(MavenCli.java:141)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290)
 at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230)
 at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409)
 at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352)
Caused by: org.apache.maven.plugin.MojoExecutionException: Result of cmd.exe /X /C "C:usrbinJavajdk1.6.0_23jre..binjarsigner.exe -keystore src/main/keystore -storepass
 3166_javaee -signedjar C:usrSYNCHPACKT3166Chapters_Codech02targetsignedchapter02-1.0.2.jar C:usrSYNCHPACKT3166Chapters_Codech02targetchapter02-1.0.2.jar 3166
_javaee" execution is: '1'.
 at org.apache.maven.plugin.jar.JarSignMojo.signJar(JarSignMojo.java:345)
 at org.apache.maven.plugin.jar.JarSignMojo.execute(JarSignMojo.java:242)
 at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:107)
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209)
 ... 19 more
[ERROR]
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException

I tried to regenerate the keystore then run the signing manually, only to get the following error:

C:usrSYNCHPACKT3166Chapters_Codech02>keytool  -genkey -alias 3166_javaee -keyalg RSA -keystore src/main/keystore/signing-jar.keystore -storepass 3166_javaee -keypass 316
6_javaee -dname "CN=domain"

C:usrSYNCHPACKT3166Chapters_Codech02>C:usrbinJavajdk1.6.0_23jre..binjarsigner.exe -keystore src/main/keystore -storepass 3166_javaee -signedjar C:usrSYNCHPACK
T3166Chapters_Codech02targetsignedchapter02-1.0.2.jar C:usrSYNCHPACKT3166Chapters_Codech02targetchapter02-1.0.2.jar 3166_javaee
jarsigner error: java.lang.RuntimeException: keystore load: Invalid keystore format

Now I have searched around to try to track down what this error actually is, and I have found that the error is because of the keystore path.

if I use the full keystore location ‘src/main/keystore/signing-jar.keystore’ I am able to successfully sign my jar:

C:usrSYNCHPACKT3166Chapters_Codech02>C:usrbinJavajdk1.6.0_23jre..binjarsigner.exe -keystore src/main/keystore/signing-jar.keystore -storepass 3166_javaee -signed
jar C:usrSYNCHPACKT3166Chapters_Codech02targetsignedchapter02-1.0.2.jar C:usrSYNCHPACKT3166Chapters_Codech02targetchapter02-1.0.2.jar 3166_javaee

Warning:
The signer certificate will expire within six months.

Glad to have this solved.

When i build the app from source on my mac os 10.11
sbt failed because following error:
jarsigner error: java.lang.RuntimeException: keystore load: Invalid keystore format
java.lang.RuntimeException: Error signing jar (exit code was 1.)
at scala.sys.package$.error(package.scala:27)
at sbt.SignJar$.execute(Pack.scala:69)
at sbt.SignJar$.sign(Pack.scala:59)
at android.Tasks$$anonfun$52$$anonfun$apply$57.apply(tasks.scala:673)
at android.Tasks$$anonfun$52$$anonfun$apply$57.apply(tasks.scala:663)
at scala.Option.map(Option.scala:145)
at android.Tasks$$anonfun$52.apply(tasks.scala:663)
at android.Tasks$$anonfun$52.apply(tasks.scala:657)
at scala.Function6$$anonfun$tupled$1.apply(Function6.scala:35)
at scala.Function6$$anonfun$tupled$1.apply(Function6.scala:34)
at scala.Function1$$anonfun$compose$1.apply(Function1.scala:47)
at sbt.$tilde$greater$$anonfun$$u2219$1.apply(TypeFunctions.scala:40)
at sbt.std.Transform$$anon$4.work(System.scala:63)
at sbt.Execute$$anonfun$submit$1$$anonfun$apply$1.apply(Execute.scala:226)
at sbt.Execute$$anonfun$submit$1$$anonfun$apply$1.apply(Execute.scala:226)
at sbt.ErrorHandling$.wideConvert(ErrorHandling.scala:17)
at sbt.Execute.work(Execute.scala:235)
at sbt.Execute$$anonfun$submit$1.apply(Execute.scala:226)
at sbt.Execute$$anonfun$submit$1.apply(Execute.scala:226)
at sbt.ConcurrentRestrictions$$anon$4$$anonfun$1.apply(ConcurrentRestrictions.scala:159)
at sbt.CompletionService$$anon$2.call(CompletionService.scala:28)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
error Error signing jar (exit code was 1.)
[error] Total time: 43 s, completed Dec 22, 2015 4:37:24 PM

but i can manually sign the apk successful:
jarsigner -verbose -keystore ~/.keystore shadowsocks-release-unsigned.apk polusAndroidKey

/usr/local/Cellar/android-sdk/24.4.1_1/build-tools/23.0.2/zipalign -v 4 shadowsocks-release-unsigned.apk  shadowsocks.2.9.3.apk

so would you please help me to find out what gent wrong,I would be very grateful!