I am a newbie to java security and know pretty much nothing about it. I have an existing jar that was given to me couple of years which was digitally signed. However, that signature is now expired and I need to sign it again. The client has bought an X.509 certificate from Comodo and Comodo gave him the following 4 files.
1) AddTrustExternalCARoot.crt
2) COMODOCodeSigningCA2.crt
3) UTNAddTrustObject_CA.crt
4) "application_specific_key".crt
I would like to know what the next steps are in order to sign the jar file I have. I have tried doing the following things but I keep getting an error when I use jarsigner to sign the applet jar
1) keytool -import -alias AddTrustExternalCARoot -keystore altis.keystore -file AddTrustExternalCARoot.crt
2) keytool -import -alias COMODOCodeSigningCA2 -keystore altis.keystore -file COMODOCodeSigningCA2.crt
3)keytool -import -alias UTNAddTrustObject_CA -keystore altis.keystore -file UTNAddTrustObject_CA.crt
4)keytool -import -alias "application_specific_alias" -keystore altis.keystore -file "application_specific_alias".crt
5) jarsigner "application_jar_file" "application_specific_alias"
jarsigner: Certificate chain not found for: "application_specific_alias". "application_specific_alias" must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.
What am I missing?
