Discussions
Categories
- 196.9K All Categories
- 2.2K Data
- 239 Big Data Appliance
- 1.9K Data Science
- 450.3K Databases
- 221.7K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 31 Multilingual Engine
- 550 MySQL Community Space
- 478 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3K ORDS, SODA & JSON in the Database
- 546 SQLcl
- 4K SQL Developer Data Modeler
- 187K SQL & PL/SQL
- 21.3K SQL Developer
- 295.9K Development
- 17 Developer Projects
- 138 Programming Languages
- 292.6K Development Tools
- 107 DevOps
- 3.1K QA/Testing
- 646K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 155 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.1K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 18 Java Essentials
- 160 Java 8 Questions
- 86K Java Programming
- 80 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 204 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 442 LiveLabs
- 38 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.7K Other Languages
- 2.3K Chinese
- 171 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 232 Portuguese
can we resign the already signed jars in java?
Hi -
I have a production jar which is signed and as part of a fix i have to change a class file in that jar and redeploy it. so to achieve this i first unsign the old signature, make changes to the file and resign it.
So far i have tried the following steps below
1) unzip the jar in secure Zip
2) delete .SF and .DSA files under META-INF
3) Delete signing checksums from META-INF/MANIFEST.MF: each "Name" and "SHA1-Digest and save the jar
4) updated a class file
5) sign the jar using jarsigner tool
But even after unsigning and once i make any changes to the jar it doesn't seem to work and throws an error "cannot load the jar file "
Can someone please help me how to troubleshoot the signed jar issue and include my change in the jar?
Appreciate your help in advance!
Answers
-
First thing would be to verify that your jar file was signed correctly by using jarsigner tool with the -verify option.
-
Thank you for your response. I could verify the jar successfully before making any changes . But once i unsign ,updated a file and then resign it with my signature and try to verify it says "Invalid signature digest for manifest main attributes" . Looks like my ant target which is resigning the jarsdoesn't seem to be doing it right. can you please advise if i am missing something here.
<target name="sign-jar">
<signjar destDir="${sign.home}" alias="deployment" keystore="${webstart.dir}/tbKeystore.jks" spreservelastmodified="yes">
<path>
<fileset dir="${sign.home}">
<include name="*.jar" />
</fileset>
</path>
<flattenmapper />
</signjar>
</target>
-
Why aren't you using the same build process used to build the original jar?
You know that one works properly.