Invalid keystore format and ‘keytool genkey’ issues during Jar signing

DZone's Guide to

Invalid keystore format and ‘keytool genkey’ issues during Jar signing

Mick Knutson

Mar. 23, 11 · Java Zone ·

Free Resource

Like (0)

Comment (0)

Save

{{ articles[0].views | formatCount}} Views

Java-based (JDBC) data connectivity to SaaS, NoSQL, and Big Data. Download Now.

I have been working on creating keystores and signing jars today, and have run into some interesting findings, and some interesting but obscure errors during this process.

I have the following maven plugin that I wanted to use to sign my jar with my keystore certificate:

<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<version>${plugin-jar-version}</version>
<executions>
<execution>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
<configuration>
<keystore>src/main/keystore</keystore>
<alias>3166_javaee</alias>
<storepass>3166_javaee</storepass>
<signedjar>${project.build.directory}/signed/${project.build.finalName}.jar</signedjar>
<verify>true</verify>
</configuration>
</plugin>

Running this maven command:

mvn clean install -e

Before I created the keystore.

Then I run the jar signing with a missing keystore, then I get the following error:

[INFO]
[INFO] --- maven-jar-plugin:2.3.1:jar (default-jar) @ chapter02 ---
[INFO] Building jar: C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar
[INFO]
[INFO] --- maven-jar-plugin:2.3.1:sign (default) @ chapter02 ---
[INFO] jarsigner error: java.lang.RuntimeException: keystore load: C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\src\main\keystore (The system cannot find the file specified)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 12.110s
[INFO] Finished at: Sat Feb 12 09:47:26 EST 2011
[INFO] Final Memory: 12M/29M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-jar-plugin:2.3.1:sign (default) on project chapter02: Result of cmd.exe /X /C "C:\usr\bin\Java\jdk1.6.0_23\jre\..
\bin\jarsigner.exe -keystore src/main/keystore -storepass 3166_javaee -signedjar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\signed\chapter02-1.0.2.jar C:\usr\SYNCH\PACK
T\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar 3166_javaee" execution is: '1'. -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.apache.maven.plugins:maven-jar-plugin:2.3.1:sign (default) on project chapter02: Result of c
md.exe /X /C "C:\usr\bin\Java\jdk1.6.0_23\jre\..\bin\jarsigner.exe -keystore src/main/keystore -storepass 3166_javaee -signedjar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\tar
get\signed\chapter02-1.0.2.jar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar 3166_javaee" execution is: '1'.
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:217)
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
 at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:84)
 at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:59)
 at org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183)
 at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161)
 at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:319)
 at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156)
 at org.apache.maven.cli.MavenCli.execute(MavenCli.java:534)
 at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196)
 at org.apache.maven.cli.MavenCli.main(MavenCli.java:141)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290)
 at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230)
 at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409)
 at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352)
Caused by: org.apache.maven.plugin.MojoExecutionException: Result of cmd.exe /X /C "C:\usr\bin\Java\jdk1.6.0_23\jre\..\bin\jarsigner.exe -keystore src/main/keystore -storepass
 3166_javaee -signedjar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\signed\chapter02-1.0.2.jar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar 3166
_javaee" execution is: '1'.
 at org.apache.maven.plugin.jar.JarSignMojo.signJar(JarSignMojo.java:345)
 at org.apache.maven.plugin.jar.JarSignMojo.execute(JarSignMojo.java:242)
 at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:107)
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209)
 ... 19 more
[ERROR]
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException

I tried to regenerate the keystore then run the signing manually, only to get the following error:

C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02>keytool  -genkey -alias 3166_javaee -keyalg RSA -keystore src/main/keystore/signing-jar.keystore -storepass 3166_javaee -keypass 316
6_javaee -dname "CN=domain"
 
C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02>C:\usr\bin\Java\jdk1.6.0_23\jre\..\bin\jarsigner.exe -keystore src/main/keystore -storepass 3166_javaee -signedjar C:\usr\SYNCH\PACK
T\3166\Chapters_Code\ch02\target\signed\chapter02-1.0.2.jar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar 3166_javaee
jarsigner error: java.lang.RuntimeException: keystore load: Invalid keystore format

Now I have searched around to try to track down what this error actually is, and I have found that the error is because of the keystore path.

if I use the full keystore location ‘src/main/keystore/signing-jar.keystore’ I am able to successfully sign my jar:

C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02>C:\usr\bin\Java\jdk1.6.0_23\jre\..\bin\jarsigner.exe -keystore src/main/keystore/signing-jar.keystore -storepass 3166_javaee -signed
jar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\signed\chapter02-1.0.2.jar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar 3166_javaee
 
Warning:
The signer certificate will expire within six months.

Glad to have this solved.

From http://www.baselogic.com/blog/development/java-javaee-j2ee/invalid-keystore-format-and-keytool-genkey-issues-during-jar-signing

Connect any Java based application to your SaaS data. Over 100+ Java-based data source connectors.