Where can I get the tsacert for jarsigner?

Digital Certificates Code Signing Certificate
1

We are signing our jar with a comodo certificate.
Since last java versions we’re getting a warning that no tsa or tsacert was specified.

I’ve found this Knowledgebase article with the tsa-url: Time Stamping Server - Powered by Kayako Help Desk Software

So signing with tsa works.
But according to the article it’s recommend to sleep at least 15 seconds between signings.
Because of the fact that we doxa lot of rollouts each day where we have to sign a lot of jar files I’d like to use a tsacert.
But I did not found any information where I can get the certificate from.

So I hope someone of you can help me… :slight_smile:

2

We don’t have a ‘tsacert’ that we can provide you with at this time. You should simply use the TSA URL instead and consider improving your rollout process so that you’re not abusing the Timestamping authority by hammering it with unnecessary requests.

3

I don’t think that the requests are unnecessary. :slight_smile:

We have one ant-task per rollout that signs all jars but I don’t know if ant makes one request per task or per jar.
So I don’t have a chance to limit the requests.