Return-Path: Delivered-To: apmail-ant-user-archive@www.apache.org Received: (qmail 82840 invoked from network); 16 Nov 2004 11:55:46 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 16 Nov 2004 11:55:46 -0000 Received: (qmail 13187 invoked by uid 500); 16 Nov 2004 11:55:37 -0000 Delivered-To: apmail-ant-user-archive@ant.apache.org Received: (qmail 13130 invoked by uid 500); 16 Nov 2004 11:55:35 -0000 Mailing-List: contact user-help@ant.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Ant Users List" Reply-To: "Ant Users List" Delivered-To: mailing list user@ant.apache.org Received: (qmail 13109 invoked by uid 99); 16 Nov 2004 11:55:35 -0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: local policy) Received: from [193.1.185.11] (HELO mail.tssg.org) (193.1.185.11) by apache.org (qpsmtpd/0.28) with ESMTP; Tue, 16 Nov 2004 03:55:32 -0800 Received: from sauce (unknown [10.37.1.128]) by mail.tssg.org (Postfix) with SMTP id 397901809C for ; Tue, 16 Nov 2004 11:55:25 +0000 (GMT) Reply-To: From: "William Fitzgerald" To: "Ant Users List" Subject: RE: QUERY:Exporting a digital signature generated from genkey Date: Tue, 16 Nov 2004 11:54:38 -0000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Importance: Normal In-Reply-To: <200411161709.46535.ingvarrr@hotbox.ru> X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N Thank you Igor for your speedy replies. Yes, that verson of exec worked fine. the only way around the non-interactive nature of the ant build is to hardcode the password (-storepass)and to always trust the certificate (-noprompt) as can be seen from the signers build and the recievers (verifiers) build below. This of course can only work as a demo or for testing as this method to insure! kind regards, Will. -----Original Message----- From: Igor A. Deruga [mailto:ingvarrr@hotbox.ru] Sent: 16 November 2004 14:10 To: Ant Users List Subject: Re: QUERY:Exporting a digital signature generated from genkey Hi, Will! 1. As far as I know, "deprecated" means that the feature works fine in current version but it will be removed in future versions, so you better use an alternative. Ant says that you should use the "executable" attribute instead of "command": This is written in Ant's Manual (you can find it in ant distribution. Try browsing through "Overview of ant tasks" part). Ok. So, I think that actually it DOES work but you better use "executable" style rather than "command". 2. If your scripts or programs for creating those certificates are made to be interactive ONLY, then I think you can do nothing about it but use it by hands. (It's a very strong and pessimistic statement, I hope there will be other opinions). So, I think you should read help and try to find the keys that will allow you to redefault answer to "Yes" rather than "No" and to enter password in form: "keytool .... -p mypass". Sorry if It wasn't a real helping hand, but that's all I know about it... Feel free to ask if you need anything else! Sincerely Igor On Tuesday 16 November 2004 12:00, William Fitzgerald wrote: > Yes I have tried this (task exec) but unfortunatly I still run into > problems > > :( > > to create a certificate for Susan, i do the following: > > PROBLEM 1: > > > but this is deprecated and I can't seem to work it for the executable > command!!! > > [exec] The command attribute is deprecated. Please use the executable > attribute and nested arg elements. > [exec] Enter keystore password: > [exec] ***************** WARNING WARNING WARNING ***************** > [exec] * The integrity of the information stored in your keystore * > [exec] * has NOT been verified! In order to verify its integrity, * > [exec] * you must provide your keystore password. * > [exec] ***************** WARNING WARNING WARNING ***************** > [exec] Certificate stored in file > > Also note that it asks for a password but the build never stops to allow me > to enter one. It still creates a certificate though so I guess its not a > huge problem. > > PROBLEM 2: > now I want a build file to take susans certificate, add it to mystore and > then compare it to the signed jar etc. > > > > > > > > > > I again cannot say wheather I trust the certiciate I am adding to the > store!!!!!!!!!!!! This is because the build keeps running and does not stop > to allow me to say trust this cert. I also had a password (storepass) > problem but got around it by adding it to the build command, again a bad > idea! > > mystore: > [exec] The command attribute is deprecated. Please use the executable > attribute and nested arg elements. > [exec] Owner: CN=tssg, OU=wit, O=research, C=ire > [exec] Issuer: CN=tssg, OU=wit, O=research, C=ire > [exec] Serial number: 4198bd59 > [exec] Valid from: Mon Nov 15 14:29:45 GMT 2004 until: Sun Feb 13 > 14:29:45 GMT 2005 > [exec] Certificate fingerprints: > [exec] MD5: 96:E1:3E:09:07:D4:5C:EE:D6:02:B9:E0:AA:25:0A:9E > [exec] SHA1: > 68:D3:7D:D5:7D:81:07:5C:CD:A9:90:24:EF:E4:B9:4B:C9:21:E9:BE > [exec] keytool error: java.lang.NullPointerException > [exec] Trust this certificate? [no]: > [exec] Result: 1 > BUILD SUCCESSFUL > > > any ideas and points of direction are hugely welcomed, > regards, > Will. --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscribe@ant.apache.org For additional commands, e-mail: user-help@ant.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscribe@ant.apache.org For additional commands, e-mail: user-help@ant.apache.org