Skip to main content
Call us
Phone numbers and hours
Help Center

Explore our online help resources

Help

GoDaddy Help

Java Code Signing: Generate a CSR

Note: Starting June 1, 2021, GoDaddy will no longer issue or renew Code Signing or Driver Signing Certificates. If you already own a Code Signing or Driver Signing Certificate, you will be unable to rekey it after June 1, 2021. All certificates issued before June 1, 2021 will remain valid until they expire.

To request a code signing certificate, you have to provide us a certificate signing request (CSR) generated from the machine you'll use to sign the code. We'll use the information in this file to validate your request and provide the information to anyone downloading your code.

Note: You must generate the CSR from your local machine and not from the web server you're using to host the file.

Windows-only preparation

If you use Windows, you must complete the following steps before generating your CSR.

  1. Run cmd as an administrator.
  2. Move to your JDK installation's bin directory:
    cd C:\Program Files\java\jdkversion number\bin

Create a keystore

To store your public and private keys (used to sign your code), you must create a keystore. You'll use this repeatedly throughout the code signing certificate request and installation process.

  1. Create a keystore called codesignstore:
    keytool -genkey -alias codesigncert -keyalg RSA -keysize 2048 -keystore codesignstore
  2. Complete the information requested from you at the command prompt. There are a few important things to note:
    • It's important that this information is consistent with everything else you plan to use in your request.
    • Note your keystore's password because you must have it to sign your Java code.

Generate a CSR

Now, use your keystore to create your certificate signing request (which you will use to request the certificate you purchased from GoDaddy).

  1. Generate your CSR:
    keytool -certreq -v -alias codesigncert -file mycsr.pem -keystore codesignstore
  2. Enter your keystore's password and press enter.
  3. Open your CSR. How you do that depends on your OS:
    OS Command
    Mac OS X
    nano mycsr.pem
    Windows
    start notepad "mycsr.pem"
  4. Copy your CSR, including the entirety of the lines containing BEGIN NEW CERTIFICATE REQUEST and END NEW CERTIFICATE REQUEST.

Next step