Maven 1.x JNLP Plugin

Signing jars should remove old signatures

Details

  • Type: Bug Bug
  • Status: Open Open
  • Priority: Major Major
  • Resolution: Unresolved
  • Affects Version/s: 1.4.1
  • Fix Version/s: None
  • Component/s: None
  • Labels:
    None
  • Number of attachments :
    0

Description

Using jdk & webstart 1.5:

When signing a dependend jar that is already signed (for example acegic-security-0.8.2.jar), the new jar has 2 .RSA and .SF files (but each class is only signed once).
But webstart can't handle this (it should but it doesn't) and it says that not all jars are signed by the same certificate.

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Geoffrey De Smet added a comment -

Acegi's jar are good test cases (they are signed by Ben Alex in ibiblio).

When unsigning, don't forget to remove META-INF/xxx.SF and META-INF/xxx.RSA (case insensitive)
An option unsignAnyAlreadySigned would be handy, not to have to note every jar to unsign.

Show
Geoffrey De Smet added a comment - Acegi's jar are good test cases (they are signed by Ben Alex in ibiblio). When unsigning, don't forget to remove META-INF/xxx.SF and META-INF/xxx.RSA (case insensitive) An option unsignAnyAlreadySigned would be handy, not to have to note every jar to unsign.
Hide
Permalink
Filippo De Luca added a comment -

What about this issue?

Show
Filippo De Luca added a comment - What about this issue?
Hide
Permalink
Dennis Lundberg added a comment -

Are you using Maven 1? This issue is for a Maven 1 Plugin.

Show
Dennis Lundberg added a comment - Are you using Maven 1? This issue is for a Maven 1 Plugin.
Hide
Permalink
Filippo De Luca added a comment -

Are you using Maven 1? This issue is for a Maven 1 Plugin.

oops, I use maven 2.2.0 but I have the same issue with bouncycastle:bcmail-jdk14

Show
Filippo De Luca added a comment -
Are you using Maven 1? This issue is for a Maven 1 Plugin.
oops, I use maven 2.2.0 but I have the same issue with bouncycastle:bcmail-jdk14

People

Vote (3)
Watch (2)

Dates

  • Created:
    Updated:
Atlassian JIRA (v4.4.3#663-r165197) | Report a problem
Powered by a free Atlassian JIRA open source license for Codehaus. Try JIRA - bug tracking software for your team.