ant-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Igor A. Deruga" <>
Subject Re: QUERY:Exporting a digital signature generated from genkey
Date Tue, 16 Nov 2004 14:09:46 GMT
Hi, Will!

1. As far as I know, "deprecated" means that the feature works fine in current 
version but it will be removed in future versions, so you better use an 
alternative. Ant says that you should use the "executable" attribute instead 
of "command":
<exec dir="." executable="keytool">
	<arg line="-export -keystore susanstore -alias signFiles -file SusanJ.cer" />

This is written in Ant's Manual (you can find it in ant distribution. Try 
browsing through "Overview of ant tasks" part).

Ok. So, I think that actually it DOES work but you better use "executable" 
style rather than "command".

2. If your scripts or programs for creating those certificates are made to be 
interactive ONLY, then I think you can do nothing about it but use it by 
hands. (It's a very strong and pessimistic statement, I hope there will be 
other opinions). So, I think you should read help and try to find the keys 
that will allow you to redefault answer to "Yes" rather than "No" and to 
enter password in form: "keytool .... -p mypass".

Sorry if It wasn't a real helping hand, but that's all I know about it... Feel 
free to ask if you need anything else!


On Tuesday 16 November 2004 12:00, William Fitzgerald wrote:
> Yes I have tried this (task exec) but unfortunatly I still run into
> problems
> :(
> to create a certificate for Susan, i do the following:
> <exec dir="." command ="keytool -export -keystore susanstore -alias
> signFiles -file SusanJ.cer"></exec>
> but this is deprecated and I can't seem to work it for the executable
> command!!!
>      [exec] The command attribute is deprecated. Please use the executable
> attribute and nested arg elements.
>      [exec] Enter keystore password:
>      [exec] *****************  WARNING WARNING WARNING  *****************
>      [exec] * The integrity of the information stored in your keystore  *
>      [exec] * has NOT been verified!  In order to verify its integrity, *
>      [exec] * you must provide your keystore password.                  *
>      [exec] *****************  WARNING WARNING WARNING  *****************
>      [exec] Certificate stored in file <SusanJ.cer>
> Also note that it asks for a password but the build never stops to allow me
> to enter one. It still creates a certificate though so I guess its not a
> huge problem.
> now I want a build file to take susans certificate, add it to mystore and
> then compare it to the signed jar etc.
> <?xml version="1.0"?>
> <project name ="digiver" default ="mystore">
> <target name="mystore">
> 	<exec dir="./keys" command="keytool -import -alias susan -file
> SusanJ.cer -keypass hello123 -keystore mystore -storepass hello123">
> 	</exec>
> </target>
> </project>
> I again cannot say wheather I trust the certiciate I am adding to the
> store!!!!!!!!!!!! This is because the build keeps running and does not stop
> to allow me to say trust this cert. I also had a password (storepass)
> problem but got around it by adding it to the build command, again a bad
> idea!
> mystore:
>      [exec] The command attribute is deprecated. Please use the executable
> attribute and nested arg elements.
>      [exec] Owner: CN=tssg, OU=wit, O=research, C=ire
>      [exec] Issuer: CN=tssg, OU=wit, O=research, C=ire
>      [exec] Serial number: 4198bd59
>      [exec] Valid from: Mon Nov 15 14:29:45 GMT 2004 until: Sun Feb 13
> 14:29:45 GMT 2005
>      [exec] Certificate fingerprints:
>      [exec] MD5:  96:E1:3E:09:07:D4:5C:EE:D6:02:B9:E0:AA:25:0A:9E
>      [exec] SHA1:
> 68:D3:7D:D5:7D:81:07:5C:CD:A9:90:24:EF:E4:B9:4B:C9:21:E9:BE
>      [exec] keytool error: java.lang.NullPointerException
>      [exec] Trust this certificate? [no]:
>      [exec] Result: 1
> any ideas and points of direction are hugely welcomed,
> regards,
> Will.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message