You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Geoffrey De Smet (JIRA)" <ji...@codehaus.org> on 2006/05/11 15:27:41 UTC
[jira] Commented: (MPJNLP-28) Signing jars should remove old
signatures
[ http://jira.codehaus.org/browse/MPJNLP-28?page=comments#action_65192 ]
Geoffrey De Smet commented on MPJNLP-28:
----------------------------------------
Acegi's jar are good test cases (they are signed by Ben Alex in ibiblio).
When unsigning, don't forget to remove META-INF/xxx.SF and META-INF/xxx.RSA (case insensitive)
An option unsignAnyAlreadySigned would be handy, not to have to note every jar to unsign.
> Signing jars should remove old signatures
> -----------------------------------------
>
> Key: MPJNLP-28
> URL: http://jira.codehaus.org/browse/MPJNLP-28
> Project: maven-jnlp-plugin
> Type: Bug
> Versions: 1.4.1
> Reporter: Geoffrey De Smet
>
>
> Using jdk & webstart 1.5:
> When signing a dependend jar that is already signed (for example acegic-security-0.8.2.jar), the new jar has 2 .RSA and .SF files (but each class is only signed once).
> But webstart can't handle this (it should but it doesn't) and it says that not all jars are signed by the same certificate.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira