hxuanyu/intellij-sdk-code-samples
1
0
Fork 0
mirror of https://github.com/JetBrains/intellij-sdk-code-samples.git synced 2025-07-28 09:17:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

plugin_signing.md: add Plugin Signature Verification

Browse Source
This commit is contained in:
Jakub Chrzanowski 2023-03-23 07:38:23 +01:00
parent af7c15bd41
commit c64b69021e
No known key found for this signature in database
GPG Key ID: C39095BFD769862E
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
topics/basics/plugin_signing.md
View File

@ -289,3 +289,16 @@ keytool -import -alias IdeaPlugin -file chain.crt -keystore pluginKeystore.jks -
(note: the TrustStore password must remain `changeit`) (note: the TrustStore password must remain `changeit`)
Otherwise, users may add the public key manually to <ui-path>Settings | Plugins | Manage Plugin Certificates</ui-path>. Otherwise, users may add the public key manually to <ui-path>Settings | Plugins | Manage Plugin Certificates</ui-path>.
## Plugin Signature Verification
To verify the signature of a plugin, you can use the [`verifyPluginSignature`](tools_gradle_intellij_plugin.md#tasks-verifypluginsignature) task.
By default, this task will use the same certificate chain as provided to the [`signPlugin`](tools_gradle_intellij_plugin.md#tasks-signplugin) task in the previous section.
To verify the signature using [CLI tool](cli-tool), execute the `verify` command as below:
```bash
java -jar marketplace-zip-signer-cli.jar verify\
-in "signed.zip"\
-cert "/path/to/chain.crt"
```