[ https://jira.codehaus.org/browse/MSHARED-314?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tony Chemit updated MSHARED-314: -------------------------------- Summary: Unsigning a jar is not correct (was: Unsign jar still have some signatures in the manisfest) > Unsigning a jar is not correct > ------------------------------ > > Key: MSHARED-314 > URL: https://jira.codehaus.org/browse/MSHARED-314 > Project: Maven Shared Components > Issue Type: Bug > Components: maven-jarsigner > Affects Versions: maven-jarsigner-1.2 > Reporter: Tony Chemit > Assignee: Tony Chemit > Fix For: maven-jarsigner-1.3 > > > when unsigning a jar, we must remove of the signatures files from the > META-INF package + remove any signing attributes (like SHA1-DIGEST ones). > The problem occurs in fact when a jar was signed by jdk6, unsign it, then > resign it with a jdk7. > since the digest algorithm since jdk7 is no more the same, we still have some > entry in the manifest which does not match the effective signing... > the best way to remove this is just to clean the manisfest file. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira