source: extensions/net.sf.basedb.mev/trunk/jarsign/readme.txt @ 976

For MeV to work as a Java Webstart application, the JAR
files in the ./resources/jar must be signed. The currently
checked in JAR files have already been signed, so there is
no need to do this again unless MeV itself needs to be
updated. In that case, the new JAR files need to be signed.
Since this is a somewhat complex task, we have tried to make
easier.

Follow this procedure:

1. Delete all the existing JAR files in the ./resources/jar
   directory.
2. Copy all JAR files from the MeV distribution into the
  ./resources/jar directory
3. Run 'ant signjars'
4. Commit the changes to the subversion repository.

--------------------------------------------------------
Note!

JAR files that have already been signed by another
authority should not be re-signed. This needs to be specified
as an exclustion in build.xml. Locate the <fileset> tag
inside the <target name="signjars"> target and add the
exceptions to the "excludes" attribute.

----------------------------------------------------------
Note!

The mev-base.key is the self-signed certificate that we have
used to sign the JAR files. It has the following properties:

Alias: mev-base
Password: mev-base
Name: BASE Development team
Organizational unit: BASE Development team
Organization: Lund University
City: Lund
State: Sweden
Country code: SE

To re-generate the keystore execute the following command:

keytool -genkey -alias mev-base -keypass mev-base -keystore mev-base.key
---------------------------------------------------------------