Name: rlT66838 Date: 01/21/2000


java version "1.2.2"
Classic VM (build JDK-1.2.2-W, native threads, symcjit)

The keytool tool has two types of certificates, key entries that contain both
the public and private key, and trusted certificates which contain only the
public key. The purpose is to allow someone to distribute a public key without
posessors of the certificate being able to sign content as though they were
the private key holder.

The jarsigner will refuse to sign a jar with a trusted certificate entry; it
requires a key entry. However the error message that you get is that the
"jarsigner: certificate not found for: alias". This is misleading. This is
the same message you get if the alias is actually not in the keystore.

A much better message would be:
"jarsigner: certificate for alias is not a key entry and can not be used to
sign a jar file."
(Review ID: 100224)
======================================================================