[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [tycho-user] [tycho-jnlp-plugin] Signing RCP eclipse applications with JDK 1.7
|
tycho-jnlp-plugin is more or less unmaintained at this point, so I think
your best bet is to fork at it github and fix the fork yourself. I may
still fix it myself when I need to build p2viewer, but I don't know when
(and if) this will happen.
--
Regards,
Igor
On 2013-04-02 1:49 PM, Guillaume PRIN wrote:
Hi,
I use tycho to build a Java Web Start application with RCP. Everything
works with JDK 1.6. I updated from JDK 1.6 to JDK 1.7.
Everything builds with JDK 1.7 but an error occurs when I try to execute
the jnlp file from a web server. The error is :
jarsigner: java.lang.SecurityException: invalid SHA1 signature file
digest
I have also this error when I verify the jar signature with 'jarsigner
-verify -verbose -certs /path/to/file.jar'
I found that I should use the option '-digestalg SHA1' for the jarsigner
executable. From JDK 1.6 to JDK 1.7, the default value for the
'-digestalg' option has changed from SHA-1 to SHA256. I tried to
manually sign a jar by adding this option to the jarsigner command line
executed by maven. The signature file seems then correct when I try to
verify it.
I can't find a way to indicate to add this option in my pom.xml file.
According to the source code of JarsignerMojo.java, It does not seem
possible.
Is there a way to add this option to jarsigner command line generated by
tycho ?
Thanks for your help
Guillaume
_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/tycho-user