Keep getting "JNLPSigningException [Failed to validate signing of launch file]" when launching a JNLP signed by template
We decided to sign our JNLP files by following this oracle guide. Since we have different JNLPs, we went for the second approach (Signing a JAR file with a JNLP template).
Here's the code we extracted into the template:
<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="*" href="*">
<information>
<title>*</title>
<vendor>My vendor</vendor>
<description>My description</description>
<icon href="splash.jpg" kind="splash" width="700" height="400" size="115258"/>
<offline-allowed />
<shortcut>
<menu submenu="My submenu"/>
</shortcut>
</information>
<security>
<all-permissions/>
</security>
<resources locale="en es ja">
<j2se version="1.6+" initial-heap-size="128m" max-heap-size="384m" href="http://java.sun.com/products/autodl/j2se"/>
<jar href="myjar.jar" main="true" download="lazy" part="core" size="*"/>
<jar href="lib/commons-lang-2.6.jar" download="lazy" part="commons" size="297085"/>
...
<jar href="lib/trident-6.0.jar" download="lazy" part="core" size="114496"/>
<property name="jnlp.myProperty" value="*"/>
<property name="log4j.configuration" value="*"/>
</resources>
<application-desc main-class="com.mycom.myapp.MyClass">
</application-desc>
</jnlp>
... and here's one of the JNLPs we are actually using:
<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="http://mylocation.mycom.com/jnlp/myapp/" href="myapp.jnlp">
<information>
<title>My App - Production version</title>
<vendor>My vendor</vendor>
<description>My description</description>
<icon href="splash.jpg" kind="splash" width="700" height="400" size="115258"/>
<offline-allowed />
<shortcut>
<menu submenu="My submenu"/>
</shortcut>
</information>
<security>
<all-permissions/>
</security>
<resources locale="en es ja">
<j2se version="1.6+" initial-heap-size="128m" max-heap-size="384m" href="http://java.sun.com/products/autodl/j2se"/>
<jar href="myjar.jar" main="true" download="lazy" part="core" size="4189501"/>
<jar href="lib/commons-lang-2.6.jar" download="lazy" part="commons" size="297085"/>
...
<jar href="lib/trident-6.0.jar" download="lazy" part="core" size="114496"/>
<property name="jnlp.myProperty" value="http://mylocation.mycom.com/jnlp/myapp/MyApp.properties"/>
<property name="log4j.configuration" value="http://mylocation.mycom.com/jnlp/myapp/log4j.xml"/>
</resources>
<application-desc main-class="com.mycom.myapp.MyClass">
</application-desc>
</jnlp>
notice that I used the wildcard(*) for:
- The codebase attribute in tag jnlp
- The href attribute in tag jnlp
- Content inside title tags
- attribute size in jar tag
- the value of the two properties
I put the template inside the appropriate JNLP-INF folder (with the appropriate name as well) and we signed the JAR after that. However, we keep getting a JNLPSigningException with the following message:
Failed to validate signing of launch file. The signed version does not match the downloaded version.
Does anyone have an idea of what am I missing?
Answer
I had this same issue, but it turned out that my src/JNLP-INF/APPLICATION.JNLP file included in the signed .jar file (used as a signed jnlp file) was different than the application.jnlp file being used in the web application defined in the <applet> tags. Once I made them the same, error went away.
Word of caution using signed JNLP files within the .jar file, the file needs to be named exactly JNLP-INF/APPLICATION.JNLP as it is used as a template to match the jnlp being called within the application: