[
https://jira.codehaus.org/browse/MSHARED-314?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=337897#comment-337897
]
Tony Chemit commented on MSHARED-314:
-------------------------------------
done in [r1553841|http://svn.apache.org/r1553841]
> Unsign jar still have some signatures in the manisfest
> ------------------------------------------------------
>
> Key: MSHARED-314
> URL: https://jira.codehaus.org/browse/MSHARED-314
> Project: Maven Shared Components
> Issue Type: Bug
> Components: maven-jarsigner
> Affects Versions: maven-jarsigner-1.2
> Reporter: Tony Chemit
> Assignee: Tony Chemit
> Fix For: maven-jarsigner-1.3
>
>
> when unsigning a jar, we must remove of the signatures files from the
> META-INF package + remove any signing attributes (like SHA1-DIGEST ones).
> The problem occurs in fact when a jar was signed by jdk6, unsign it, then
> resign it with a jdk7.
> since the digest algorithm since jdk7 is no more the same, we still have some
> entry in the manifest which does not match the effective signing...
> the best way to remove this is just to clean the manisfest file.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
