You now have a signed JAR file sContract.jar
.
Clients wanting to use the file will want to authenticate the
signature.
In order to do so, they need the public key corresponding to the
private key used to generate the signature. You supply this
by sending them a copy of the certificate containing the public
key. Copy that certificate from the keystore stanstore
to a file named StanSmith.cer
via the following:
keytool -export -keystore stanstore -alias signLegal -file StanSmith.cer
You will be prompted for the store password (balloon53
).
Given that certificate and the signed JAR file, a client can use
the jarsigner
tool to authenticate your signature, as
you will see next.