Signed Code

Beans can be digitally signed to guarantee the end user that a third party has not modified the file. Users must decide if they trust the author, but at least they know who created the bean. When you digitally sign a bean, you actually add a digital signature to the bean's JAR file, which means you end up digitally signing the whole JAR package.

Creating Digitally Signed JAR Files

Digitally sign your beans by generating your own digital signature and then including the signature in the bean's JAR file. To generate a digital signature, your identity profile must be included in your keystore file as a digital certificate along with a pair of encryption keys.

Creating a Keystore and Keys Using keytool

The first step to creating your ...

Get JavaBeans Unleashed now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.