Application Packaging Developer's Guide

How to Sign the Package

Once the certificates are imported into the package keystore, you can now sign the package. The actual signing of the package is done using the pkgtrans command.

  1. Sign the package using the pkgtrans command. Supply the location of the unsigned package and the alias of the key to sign the package.

    For example, using the examples from the previous procedures, you would type the following to create a signed package called SUNWfoo.signed:

    $ pkgtrans -g -k ~/mykeystore -n mycert . ./SUNWfoo.signed SUNWfoo

    The output of this command would appear similar to the following:

    Retrieving signing certificates from keystore </home/user/mykeystore>
    Enter keystore password:
    Generating digital signature for signer <Test User>
    Transferring <SUNWfoot> package instance

    The signed package is created in the file SUNWfoo.signed and is in the package-stream format. This signed package is suitable for copying to a web site and being installed using the pkgadd command and a URL.