Java Code Signing: Generate a CSR

To request a code signing certificate, you have to provide us a certificate signing request (CSR) generated from the machine you'll use to sign the code. We'll use the information in this file to validate your request and provide the information to anyone downloading your code.

You must generate the CSR from your local machine and not from the web server you're using to host the file.

Windows-only preparation

If you use Windows, you must complete the following steps before generating your CSR.

  1. Run cmd as an administrator.
  2. Move to your JDK installation's bin directory:
    cd C:\Program Files\java\jdkversion number\bin

Create a keystore

To store your public and private keys (used to sign your code), you must create a keystore. You'll use this repeatedly throughout the code signing certificate request and installation process.

  1. Create a keystore called codesignstore:
    keytool -genkey -alias codesigncert -keyalg RSA -keysize 2048 -keystore codesignstore
  2. Complete the information requested from you at the command prompt. There are a few important things to note:
    • It's important that this information is consistent with everything else you plan to use in your request.
    • Note your keystore's password because you must have it to sign your Java code.

Generate a CSR

Now, use your keystore to create your certificate signing request (which you will use to request the certificate you purchased from GoDaddy).

  1. Generate your CSR:
    keytool -certreq -v -alias codesigncert -file mycsr.pem -keystore codesignstore
  2. Enter your keystore's password and press enter.
  3. Open your CSR. How you do that depends on your OS:
    作業系統 命令
    Mac OS X
    nano mycsr.pem
    start notepad "mycsr.pem"
  4. Copy your CSR, including the entirety of the lines containing BEGIN NEW CERTIFICATE REQUEST and END NEW CERTIFICATE REQUEST.


感謝您提供意見。 若要與客戶服務代表聯絡,請撥打支援中心電話號碼,或使用上方的對話選項。
很高興能幫上忙! 還有什麼可幫您的嗎?
很抱歉有這種情形。 請告訴我們您不了解的部分,或解決方案無法解決您問題的原因。