Java Code Signing Certificate Steps

Reference Oracle Doc ID 

Enhanced Jar Signing for Oracle E-Business Suite (Doc ID 1591073.1) Steps to generate the CSR certificate  (Before running below initialize command please take backup of adkeystore.dat, adsign.txt) adjkey -initialize -keysize 2048 -alias Java-code-2023 (Enter apps username, password, Org. Name, Org. Unit, Locality, State, Country) Generate CSR : keetool -siglag SHA256withRSA -certreq -keystore $APPL_TOP/admin/adkeystore.dat -file $APPL_TOP/admin/adkeystore.csr -alias Java-code-2023 Submit CSR to Certificate team to Get the certificate  Import the Root Certificate keytool -import -alias root-2023 -file Root_Cert.crt -trustcacerts -v -keystore cacerts Enter The keystore password -  Validate root certificate is added or not with below command keytool -list -keystore cacerts    Import Intermediate Certificate copy certificate to $APPL_TOP/admin path cd $APPL_TOP/admin $keytool -import -file Intermediate_Cert.crt -trustcacerts -alias intermediate-2023 -keystore adkeystore.dat enter keystore password  Validate installed certificate keytool -list -keystore adkeystore.dat Import Java Code Signing Certificate keytool -import -file Code_Sign_Cert.crt -trustcacerts -alias java-code-2023 -keystore adkeystore.dat enter keystore password and key password for alias Validate installed certificate keytool -list -keystore adkeystore.dat Verify Certificate Installation  jarsigner -verify -certs -verbose $AD_TOP/java/jar/adxlib.jar jarsigner -keystore adkeystore.dat -verify -verbose -certs $AD_TOP/java/jar/adxlib.jar Above command will show the Certificate Expiry date To Identify the existing keysotore and Key passwords run following SQL script by connecting to APPS. SQL> set serveroutpu on declar $pass varchar2(30); kpass varchar2(30); begin ad_jar.get_jripasswords($pass, kpass); dbms_output.put_line(spass); dbms_output.put_line(kpass); end; / Above script will give the output with existing passwords