Previous | Next | Trail Map | Security in JDK 1.2  | Exchanging Files [Tools]

Steps for the Contract Sender

The steps you take as the contract sender are shown below.


Note: The steps in this lesson for the contract sender are basically the same as those listed for a code signer in the Signing Code and Granting It Permissions [Tools](in the Java Security 1.2 trail) lesson, except that here you are pretending to be Stan Smith (rather than Susan Jones) and you are storing a data file rather than a class file in the JAR file to be signed.

The steps are:

  1. Create a JAR File Containing the Contract, using the jar tool.

  2. Generate Keys (if they don't already exist), using the keytool -genkey command.

    Optional Step: Generate a Certificate Signing Request (CSR) for the Public Key Certificate, and import the response from the Certification Authority (CA). For simplicity (and since you are only pretending to be Stan Smith), this step is omitted. See API and Tools Use for Secure Code and File Exchanges(in the Java Security 1.2 trail) for more information.

  3. Sign the JAR File, using the jarsigner tool and the private key generated in Step 2.

  4. Export the Public Key Certificate, using the keytool -export command. Then supply the signed JAR file and the certificate to the receiver Ruth.


Previous | Next | Trail Map | Security in JDK 1.2  | Exchanging Files [Tools]