Problem re-signing a jar file

["Ganssauge, Gottfried" <Go...@haufe.de>]

Im building an applet using maven2 and in order to have an easier time
deploying it, I want to integrate all of it's dependencies along with
the applet code into a single jar using the dependency plugin.
One of those dependencies is a signed applet and of course the
certificate and the signatures are also unpacked by the dependency
plugin.

Now I'm trying to sign my applet using jar:sign and here a problem
appears: the jar plugin reports an error saying "jarsigner:
java.lang.SecurityException: Invalid signature file digest for Manifest
main attributes".

Configuring verify to false doesn't help - the jarsigner is always run
with the -verify flag.

Signing the same file by hand poses no problems as long as I avoid using
the -verify flag.

Any clues what I could do to avoid this failure?

Cheers,

Gottfried

P.S.:
Find attached my POM and an error log produced by "mvn -X"