You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Frank Cornelis (JIRA)" <ji...@codehaus.org> on 2008/11/24 17:31:19 UTC

[jira] Updated: (MJAR-112) Sign using a PKCS11 token

     [ http://jira.codehaus.org/browse/MJAR-112?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Frank Cornelis updated MJAR-112:
--------------------------------

    Attachment: maven-jar-plugin-provider-class-arg.patch

The attached patch adds the parameters providerClass and providerArg, which does the trick for me.

> Sign using a PKCS11 token
> -------------------------
>
>                 Key: MJAR-112
>                 URL: http://jira.codehaus.org/browse/MJAR-112
>             Project: Maven 2.x Jar Plugin
>          Issue Type: New Feature
>          Components: sign
>    Affects Versions: 2.2
>            Reporter: Frank Cornelis
>            Priority: Critical
>         Attachments: maven-jar-plugin-provider-class-arg.patch
>
>
> For the moment one can only sign using a software keystore. But for production builds your private key is often stored on some smart card device like an eToken. It would be useful if you could configure the maven-jar-plugin to run something similar to:
>     jarsigner -keystore NONE -storetype PKCS11 -providerClass sun.security.pkcs11.SunPKCS11 -providerArg etoken.config the_jar_to_sign.jar ALIAS_XYZ
> Where my etoken.config file contains:
>     name=eToken
>     library=/usr/lib/libeTPkcs11.so

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira