...
The recommended approach from Digicert is leveraging the custom PKCS#11 implementation with the maven-jarsigner-plugin
for automating the JAR signing process: https://docs.digicert.com/deen/digicert-one/secure-softwaresoftware-trust-manager/cisigning-cd-integrations/maven-integrationtools/sign-java-files-with-jarsigner-using-pkcs11-integration.html. (ASF INFRA also has some recommendations at https://infra.apache.org/digicert-use.html, but those are primarily targeted at signing Windows applications at the moment).
...
All secrets were created by INFRA in the context of
Jira | ||||||
---|---|---|---|---|---|---|
|
These are
Integration in Tycho P2 Repository Build
...