Apache Maven

Invalid keystore format and ‘keytool genkey’ issues during Jar signing

February 12, 2011

5,499 views

3 min read

1 comment

I have been working on creating keystores and signing jars today, and have run into some interesting finding, and some interesting but obscure errors during this process.

I have the following maven plugin that I wanted to use to sign my jar with my keystore certificate:

 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-jar-plugin</artifactId>
 <version>${plugin-jar-version}</version>
 <executions>
 <execution>
 <goals>
 <goal>sign</goal>
 </goals>
 </execution>
 </executions>
 <configuration>
 <keystore>src/main/keystore</keystore>
 <alias>3166_javaee</alias>
 <storepass>3166_javaee</storepass>
 <signedjar>${project.build.directory}/signed/${project.build.finalName}.jar</signedjar>
 <verify>true</verify>
 </configuration>
 </plugin>

Running this maven command:

mvn clean install -e

Before I created the keystore.

Then I run the jar signing with a missing keystore, then I get the following error:

[INFO]
[INFO] --- maven-jar-plugin:2.3.1:jar (default-jar) @ chapter02 ---
[INFO] Building jar: C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar
[INFO]
[INFO] --- maven-jar-plugin:2.3.1:sign (default) @ chapter02 ---
[INFO] jarsigner error: java.lang.RuntimeException: keystore load: C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\src\main\keystore (The system cannot find the file specified)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 12.110s
[INFO] Finished at: Sat Feb 12 09:47:26 EST 2011
[INFO] Final Memory: 12M/29M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-jar-plugin:2.3.1:sign (default) on project chapter02: Result of cmd.exe /X /C "C:\usr\bin\Java\jdk1.6.0_23\jre\..
\bin\jarsigner.exe -keystore src/main/keystore -storepass 3166_javaee -signedjar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\signed\chapter02-1.0.2.jar C:\usr\SYNCH\PACK
T\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar 3166_javaee" execution is: '1'. -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.apache.maven.plugins:maven-jar-plugin:2.3.1:sign (default) on project chapter02: Result of c
md.exe /X /C "C:\usr\bin\Java\jdk1.6.0_23\jre\..\bin\jarsigner.exe -keystore src/main/keystore -storepass 3166_javaee -signedjar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\tar
get\signed\chapter02-1.0.2.jar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar 3166_javaee" execution is: '1'.
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:217)
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
 at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:84)
 at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:59)
 at org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183)
 at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161)
 at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:319)
 at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156)
 at org.apache.maven.cli.MavenCli.execute(MavenCli.java:534)
 at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196)
 at org.apache.maven.cli.MavenCli.main(MavenCli.java:141)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290)
 at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230)
 at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409)
 at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352)
Caused by: org.apache.maven.plugin.MojoExecutionException: Result of cmd.exe /X /C "C:\usr\bin\Java\jdk1.6.0_23\jre\..\bin\jarsigner.exe -keystore src/main/keystore -storepass
 3166_javaee -signedjar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\signed\chapter02-1.0.2.jar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar 3166
_javaee" execution is: '1'.
 at org.apache.maven.plugin.jar.JarSignMojo.signJar(JarSignMojo.java:345)
 at org.apache.maven.plugin.jar.JarSignMojo.execute(JarSignMojo.java:242)
 at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:107)
 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209)
 ... 19 more
[ERROR]
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException

I tried to regenerate the keystore then run the signing manually, only to get the following error:

C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02>keytool  -genkey -alias 3166_javaee -keyalg RSA -keystore src/main/keystore/signing-jar.keystore -storepass 3166_javaee -keypass 316
6_javaee -dname "CN=domain"

C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02>C:\usr\bin\Java\jdk1.6.0_23\jre\..\bin\jarsigner.exe -keystore src/main/keystore -storepass 3166_javaee -signedjar C:\usr\SYNCH\PACK
T\3166\Chapters_Code\ch02\target\signed\chapter02-1.0.2.jar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar 3166_javaee
jarsigner error: java.lang.RuntimeException: keystore load: Invalid keystore format

Now I have searched around to try to track down what this error actually is, and I have found that the error is because of the keystore path.

if I use the full keystore location ‘src/main/keystore/signing-jar.keystore’ I am able to successfully sign my jar:

C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02>C:\usr\bin\Java\jdk1.6.0_23\jre\..\bin\jarsigner.exe -keystore src/main/keystore/signing-jar.keystore -storepass 3166_javaee -signed
jar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\signed\chapter02-1.0.2.jar C:\usr\SYNCH\PACKT\3166\Chapters_Code\ch02\target\chapter02-1.0.2.jar 3166_javaee

Warning:
The signer certificate will expire within six months.

Glad to have this solved.

Apache Maven security

Mick Knutson

Java, JavaEE, J2EE, WebLogic, WebSphere, JBoss, Tomcat, Oracle, Spring, Maven, Architecture, Design, Mentoring, Instructor and Agile Consulting. http://www.baselogic.com/blog/resume

View all posts

Invalid keystore format and ‘keytool genkey’ issues during Jar signing

Related

Mick Knutson

Java / JavaEE / Spring Boot Channel

Follow Me

Recent Posts

Recent Comments

BLiNC Supporters

BLiNC Adsense

Archives

Meta

Newsletter

Invalid keystore format and ‘keytool genkey’ issues during Jar signing

Related

Mick Knutson

You may also like

Maven 3.x profiles.xml is no longer supported and was ignored, please use the settings.xml instead

Agile Consulting and Coaching

Spring Security issue: Duplicate detected.

Java / JavaEE / Spring Boot Channel

Follow Me

Recent Posts

Recent Comments

BLiNC Supporters

BLiNC Adsense

Archives

Meta

Newsletter