Business / Enterprise Security Products & Services > Code Signing Certificate

unrecognized reply from time server

(1/2) > >>

mediascience:
Trying to timestamp-sign a JAR using url
http://timestamp.comodoca.com/authenticode

jarsigner responds with error:
jarsigner: unable to sign jar: java.io.IOException: MIME Content-Type is not app
lication/timestamp-reply


Is there an alternate time server for jarsigner?

TIA

mark-support:
Hi,

The timestamping server URL is common for all type of signing, so could you please send a exact command that you have used for signing a jar file to find a cause of the issue?.

Thanks.

mediascience:
I believe authenticode uses a proprietary protocol that is different from the standard used by jarsigner (Timestamp Protocol, RFC 3161). So, I'm wondering where I might find Comodo's timestamp server for the standard protocol.

As requested, the command that generates the error:
jarsigner -signedjar detector.jar -tsa "http://timestamp.comodoca.com/authenticode" assembly-1.0-SNAPSHOT-jar-with-dependencies.jar msisoftware
Enter Passphrase for keystore:
Enter key password for msisoftware:
jarsigner: unable to sign jar: java.io.IOException: MIME Content-Type is not application/timestamp-reply


Thank you.

jpblanco:
I am another user that is trying to sign JAR files using jarsigner, and am running into the same problem as is decribed above by other users.  I believe that the post by the user who suggests that the Authenticode protocol is different than the standard protocol is correct.  Please respond and let us know if Comodo has a URL that supports the timestamping protocol used by jarsigner and, if so, where we can access it.  If Comodo does not yet support this, we need to know when you will.

For the record, the error message I'm receiving is:

"jarsigner: unable to sign jar: java.io.IOException: MIME Content-Type is not application/timestamp-reply"

If you (the Comodo support team) need more information on jarsigner and its support for timestamping, please see:

http://java.sun.com/j2se/1.5.0/docs/guide/security/time-of-signing.html

mark-support:
Hi,

Unfortunately at this time we do not support timestamping JARs.

I do not know if we will offer a timestamping service for anything other than Authenticode. However, I will suggest our developers add this sort of functionality to our arsonal. I can not guarantee it will ever be added.

Thanks.

Navigation

[0] Message Index

[#] Next page

Go to full version
Seo4Smf 2.0 © SmfMod.Com Smf Destek