[jira] Commented: (MPJNLP-28) Signing jars should remove old signatures
[ http://jira.codehaus.org/browse/MPJNLP-28?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=184855#action_184855 ] Filippo De Luca commented on MPJNLP-28: --- bq. Are you using Maven 1? This issue is for a Maven 1 Plugin. oops, I use maven 2.2.0 but I have the same issue with bouncycastle:bcmail-jdk14 > Signing jars should remove old signatures > - > > Key: MPJNLP-28 > URL: http://jira.codehaus.org/browse/MPJNLP-28 > Project: Maven 1.x JNLP Plugin > Issue Type: Bug >Affects Versions: 1.4.1 >Reporter: Geoffrey De Smet > > Using jdk & webstart 1.5: > When signing a dependend jar that is already signed (for example > acegic-security-0.8.2.jar), the new jar has 2 .RSA and .SF files (but each > class is only signed once). > But webstart can't handle this (it should but it doesn't) and it says that > not all jars are signed by the same certificate. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (MPJNLP-28) Signing jars should remove old signatures
[ http://jira.codehaus.org/browse/MPJNLP-28?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=184852#action_184852 ] Dennis Lundberg commented on MPJNLP-28: --- Are you using Maven 1? This issue is for a Maven 1 Plugin. > Signing jars should remove old signatures > - > > Key: MPJNLP-28 > URL: http://jira.codehaus.org/browse/MPJNLP-28 > Project: Maven 1.x JNLP Plugin > Issue Type: Bug >Affects Versions: 1.4.1 >Reporter: Geoffrey De Smet > > Using jdk & webstart 1.5: > When signing a dependend jar that is already signed (for example > acegic-security-0.8.2.jar), the new jar has 2 .RSA and .SF files (but each > class is only signed once). > But webstart can't handle this (it should but it doesn't) and it says that > not all jars are signed by the same certificate. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (MPJNLP-28) Signing jars should remove old signatures
[ http://jira.codehaus.org/browse/MPJNLP-28?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=184851#action_184851 ] Filippo De Luca commented on MPJNLP-28: --- What about this issue? > Signing jars should remove old signatures > - > > Key: MPJNLP-28 > URL: http://jira.codehaus.org/browse/MPJNLP-28 > Project: Maven 1.x JNLP Plugin > Issue Type: Bug >Affects Versions: 1.4.1 >Reporter: Geoffrey De Smet > > Using jdk & webstart 1.5: > When signing a dependend jar that is already signed (for example > acegic-security-0.8.2.jar), the new jar has 2 .RSA and .SF files (but each > class is only signed once). > But webstart can't handle this (it should but it doesn't) and it says that > not all jars are signed by the same certificate. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (MPJNLP-28) Signing jars should remove old signatures
[ http://jira.codehaus.org/browse/MPJNLP-28?page=comments#action_65192 ] Geoffrey De Smet commented on MPJNLP-28: Acegi's jar are good test cases (they are signed by Ben Alex in ibiblio). When unsigning, don't forget to remove META-INF/xxx.SF and META-INF/xxx.RSA (case insensitive) An option unsignAnyAlreadySigned would be handy, not to have to note every jar to unsign. > Signing jars should remove old signatures > - > > Key: MPJNLP-28 > URL: http://jira.codehaus.org/browse/MPJNLP-28 > Project: maven-jnlp-plugin > Type: Bug > Versions: 1.4.1 > Reporter: Geoffrey De Smet > > > Using jdk & webstart 1.5: > When signing a dependend jar that is already signed (for example > acegic-security-0.8.2.jar), the new jar has 2 .RSA and .SF files (but each > class is only signed once). > But webstart can't handle this (it should but it doesn't) and it says that > not all jars are signed by the same certificate. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
