Signing Packages with a Custom Certificate
As described in Build a CPB and Build a CPK, the Gradle plugin uses, by default, a development certificate to sign a CPB or CPK package.
However, you can configure the plugin to use a custom certificate using the cordapp signing
section of the Gradle plugin:
curl -k -u $REST_API_USER:$REST_API_PASSWORD -X PUT -F alias="your-key" -F [email protected] https://localhost:8888/api/v5_1/certificate/cluster/code-signer
cordapp {
...
signing {
enabled = (true | false)
options {
alias = 'The alias to sign under'
storePassword = 'Keystore password'
keyStore = 'Keystore location'
storeType= 'Keystore type (PKCS12 | JKS)'
keyPassword = 'Password for private key (if different)'
signatureFileName = '$alias'
verbose = 'Verbose output when signing (true | false)'
strict = 'Strict checking when signing (true | false)'
internalSF = 'Include the .SF file inside the signature block (true | false)'
sectionsOnly = 'Don't compute hash of entire manifest (true | false)'
lazy = 'Flag to control whether the presence of a signature file means a JAR is signed (true | false)'
maxMemory = 'Specifies the maximum memory the jarsigner JVM will use'
preserveLastModified = 'Give the signed files the same last modified time as the original jar files (true | false)'
tsaUrl = 'Timestamp server URL'
tsaCert = 'Alias in the keystore for a timestamp authority for timestamped JAR files in Java 5+'
tsaProxyHost = 'TSA proxy server'
tsaProxyPort = 'TSA proxy server port'
executable = 'Path to alternate jarsigner'
force = 'Force signing of the JAR file even if it doesn't seem to be out of date or already signed (true | false)'
signatureAlgorithm = 'Name of the signature algorithm'
digestAlgorithm = 'Name of the digest algorithm '
tsaDigestAlgorithm = 'Name of the TSA digest algorithm'
}
}
}
Was this page helpful?
Thanks for your feedback!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.
We're sorry this page wasn't helpful. Let us know how we can make it better!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Create an issue
Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.