You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Jason Thrasher (JIRA)" <ji...@codehaus.org> on 2010/12/20 23:35:58 UTC
[jira] Created: (MJARSIGNER-11) signing failure with keystore alias
containing single-quote character
signing failure with keystore alias containing single-quote character
---------------------------------------------------------------------
Key: MJARSIGNER-11
URL: http://jira.codehaus.org/browse/MJARSIGNER-11
Project: Maven 2.x Jar Signer Plugin
Issue Type: Bug
Affects Versions: 1.2
Environment: Mac OSX 10.5.8
java version "1.6.0_22"
Reporter: Jason Thrasher
If a keystore is used with an alias that contains a single quote character, the maven-jarsigner-plugin fails to build a proper command line. This is because the alias field in the jarsigner argument contains a quote character that is not escaped. Alias names with a single quote are considered valid, therefore the maven-jarsigner-plugin isn't handling this input correctly.
Plugin error message when alias with a single quote is encountered:
[...SNIP]
[WARNING] /bin/sh: -c: line 0: unexpected EOF while looking for matching `''
[WARNING] /bin/sh: -c: line 1: syntax error: unexpected end of file
[...SNIP...]
[INFO] ------------------------------------------------------------------------
[ERROR] BUILD ERROR
[INFO] ------------------------------------------------------------------------
[INFO] Failed executing '/bin/sh -c cd /Users/jason/Documents/dev/bitmenu/trunk/app/dlapplet && /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/bin/jarsigner -verbose -tsa http://tsa.starfieldtech.com -keystore /Users/jason/Documents/bitmenu/certs/bitmenu-codesigning-comodo.p12 -storepass ''*****'' -storetype PKCS12 /Users/jason/Documents/dev/bitmenu/trunk/app/dlapplet/target/bitmenu-dlapplet-1.4.0-SNAPSHOT.jar 'bitmenu, inc.'s the usertrust network id'' - exitcode 2
Note: PKCS12 files created with Comodo's code signing system may have aliases with a single quote like this.
=== possible workaround ===
Export the cert and the key, then re-import them to a new pkcs12 file with a different alias.
# to reset the alias name in a pkcs12 file
openssl pkcs12 -in myComodo.p12 -out myComodo-keys.pem -nodes -nocerts
openssl pkcs12 -in myComodo.p12 -out myComodo-certs.pem -nodes -nokeys
openssl pkcs12 -export -in myComodo-certs.pem -inkey myComodo-keys.pem -out myComodo-new.p12 -name "myalias"
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira