Skip to main content
Call us
Phone numbers and hours
Help Center

Explore our online help resources


SSL Certificates Help

Java Code Signing: Download certificate & sign code

Note: Starting June 1, 2021, GoDaddy will no longer issue or renew Code Signing or Driver Signing Certificates. If you already own a Code Signing or Driver Signing Certificate, you will be unable to rekey it after June 1, 2021. All certificates issued before June 1, 2021 will remain valid until they expire.

After verifying your certificate request, you can download your certificate files and use them to sign your Java code.

Download your certificate

  1. Go to your GoDaddy product page.
  2. Select SSL Certificates and select Manage for the certificate you want to download.
  3. Under Download Certificate, select a Server type and then select Download Zip File.

Move your certificate file

  1. Unzip the ZIP file you downloaded.
  2. Open the unzipped folder and locate the file ending in -SHA2.pem.
  3. (Optional) Rename the PEM file to something easier to type, for example mycert.pem.
  4. Move the PEM file to the place where you created your keystore.

    For Windows users, this is the bin directory of your JDK installation—for example:
    C:\Program Files\java\jdkversion number\bin

Windows-only preparation

If you're using Windows, you must complete the following steps before you can install the certificate and sign your code.

  1. Run cmd as an administrator.
  2. Move to your JDK installation's bin directory:
    cd C:\Program Files\java\jdkversion number\bin

Install the certificate

  1. Through your command line, navigate to the directory where you created your keystore. (Windows users should already be here.)
  2. Install your certificate:
    keytool -importcert -file mycert.pem -keystore codesignstore
  3. Enter your keystore's password.
  4. Type yes that you want to trust the certificate, and then press enter.

Sign your code

  1. Sign your code:
    jarsigner -verbose -keystore codesignstore -tsa your jar file.jar codesigncert
    Windows users might need to use the full paths to their keystore (JKS) and JAR files.

    Note: You must use the time stamp authority.

  2. Enter your keystore's password.
  3. Verify your code is signed.
    jarsigner -verify -verbose -certs your jar file.jar

If everything worked, you'll see jar verified.

You should expect to see "This jar contains entries whose certificate chain is not validated." The presence of this warning does not indicate that your certificate won't work.

Next step

  • That's it! You can now start distributing your signed code.