Skip navigation
-kasqa-
Currently Being Moderated

signing problems with ucf.jar

Apr 5, 2011 6:55 AM

I've been trying to sign my extension with ucf.jar to make it possible to install the .zxp. I created a self-signed certificate using Keychain Access > Certificate Assistant in MacOSX and exported it to a .p12-file. When i try to build and sign the .zxp with:

 

java -jar ucf.jar -package -storetype PKCS12 -keystore certificate.p12 -storepass password myExtension.zxp -C "./myExtension/" .

 

i get the following stacktrace:

 

Packaging failed: Unknown or invalid signature algorithm.
java.security.GeneralSecurityException: Unknown or invalid signature algorithm.
    at com.adobe.pki.PKIContext.VerifyCertPath(PKIContext.java:167)
    at com.adobe.ucf.CodeSigner.BuildAndVerifyCertChain(CodeSigner.java:297)
    at com.adobe.ucf.CodeSigner.getXMLKeyInfo(CodeSigner.java:241)
    at com.adobe.ucf.CodeSigner.getSignatureXML(CodeSigner.java:184)
    at com.adobe.ucf.UCFOutputStream.finalizeSig(UCFOutputStream.java:264)
    at com.adobe.ucf.UCFPackager.createPackage(UCFPackager.java:109)
    at com.adobe.ucf.UCF.doPackage(UCF.java:114)
    at com.adobe.ucf.UCF.main(UCF.java:64)

 

Couldnt find anything about this in the sign-toolkit-pdf.

 
Replies
  • Currently Being Moderated
    May 9, 2013 6:26 AM   in reply to -kasqa-

    i have exactly this problem and it's driving me crazy!

    i have an exisitng p12 file that works (for a differnt entity),

    this is signed using SHA-1 with RSA encryption. the keychain assitiant signs using SHA256 by default.

    So i though aha that's the problem, i then used the certool command line tool to crate a new cert signed using SHA-1 and exported that.

    Still no dice, yet the cert pairs seem indentical in every way except the actuall name and organisation being different.

    Iv'e tried the same on java under windows too. same result.

    J

     
    |
    Mark as:
  • Currently Being Moderated
    May 9, 2013 8:49 AM   in reply to jonhrfc

    Sorry to hear you've been having problems with this - the next release of the signing toolkit should hopefully make things easier.

     

    For now, please try these two things:

     

    Please let me know how you get on.

     

    Best wishes,

    Fraser

     
    |
    Mark as:
  • Currently Being Moderated
    May 9, 2013 9:17 AM   in reply to fgregor

    Thanks very much that worked!

     

    Obvioulsy something about the certs from the certificate assistant that UCF doesn't like.

     
    |
    Mark as:
  • Currently Being Moderated
    May 10, 2013 1:47 AM   in reply to jonhrfc

    Great, thanks for letting me know!

     
    |
    Mark as:

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points