Signing Plugin always throws NullPointerException: pemObject must not be null
Answered
I followed the tutorial for Plugin Signing on https://plugins.jetbrains.com/docs/intellij/plugin-signing.html
but no matter what I do, I always get this error:
[gradle-intellij-plugin :com.ast.devmate.intellij.plugin:signPlugin] Error during Marketplace ZIP Signer CLI execution:
Exception in thread "main" java.lang.NullPointerException: pemObject must not be null
at org.jetbrains.zip.signer.signer.PrivateKeyUtils.loadKeyPair(PrivateKeyUtils.kt:62)
at org.jetbrains.zip.signer.signer.PrivateKeyUtils.loadKeyPair(PrivateKeyUtils.kt:48)
at org.jetbrains.zip.signer.signer.SignerInfoLoader.loadSignerInfoFromText(SignerInfoLoader.kt:30)
at org.jetbrains.zip.signer.ZipSigningTool.sign(ZipSigningTool.kt:58)
at org.jetbrains.zip.signer.ZipSigningTool.main(ZipSigningTool.kt:29)
I tried with values direct in the file, with environment values and with the CLI Tool
Please sign in to leave a comment.
I've found the issue (gradle-intellij-plugin 1.2.0). The docs recommend to use ENV vars but it doesn't support multi-line. I changed it to my key and cert location.
I encounter the same issue that the original post. (tested with gradle-intellij-plugin 1.1.6 and 1.2.1, Windows 10).
There is already an issue on github : https://github.com/JetBrains/marketplace-zip-signer/issues/28
The temporary solution of Rhaalebos to store the location to the private key and cert in env vars worked
Got the same result with folowing the same steps on Windows
Please share your project sources/link and make sure you're using latest gradle-intellij-plugin (1.2.1)
see also https://stackoverflow.com/questions/49457787/how-to-export-a-multi-line-environment-variable-in-bash-terminal-e-g-rsa-privat
I managed to sign it with the methods shown here (even though I tried that with the CLI Tool). So thanks for that.
However, when you want to download the plugin from the store I get this message:
Plugin Signature Checker
Plugin 'PluginName' signature can't be verified:
Zip integrity check failed. CHUNKED_SHA512S digest mismatch
Any Idea whats the problem?
How can I check that the signing worked without needing to upload it to the store
I got a new Error, it's pretty similar to the last, but still different:
Plugin Security Warning
Digital signature verification of the 'PluginName' plugin failed with the following message: Zip integrity check failed. CHUNKED_SHA512S digest mismatch
Could you please provide more details and a minimal reproducible example?
What details do you need?
I have create a minimal copy of the plugin and uploaded it. It will take a while to get reviewed though
Plugin signing still fails with this error with Gradle IntelliJ Plugin 1.3.0. Why is this not fixed?
Still fail in 1.4.0
I fix it by using local gradle properties.
define variable at gradle.properties:
modify build.kts:
hi guys i found the solution to our problem.
The hint was in the "signPlugin" example.
In the example the priv key was displayed like this:
But if you just create the private.pem file its in this format:
The solution is to decrypt the priv key first (dont ask me why we need to give a priv_key_password aswell to the signPlugin gradle task):
Any update about this ?
You can find the solution in the post above, or in this Repo: https://github.com/AskMeAgain/IntellijPluginTemplate. The readme gives you a complete explanation how it works and the create-secret.sh script does everything for you
Note that both the private key and certificate chain are multi-line values. It is necessary to transform them first using Base64 encoding before providing to the single-line field in Environment Variables panel.
In macOS use this command to generate the base64 string
base64 -b 0 -i /path/to/chain.crt -o /path/to/chain_base64.crt
base64 -b 0 -i /path/to/private.pem -o /path/to/private_base64.pem
The whole signing flow is described in the Plugin Signing article in IntelliJ SDK Docs: https://plugins.jetbrains.com/docs/intellij/plugin-signing.html
The documentation was already updated to address the issue described in this thread.