invalid SHA1 signature file digest

jnlp
Nasser picture Nasser · Nov 18, 2011 · Viewed 39.4k times · Source

I have been trying to verify the Jar signing:

    jarsigner -verify -verbose -certs example.jar

I got the following problem:

jarsigner: java.lang.SecurityException: invalid SHA1 signature file digest for o
rg/apache/log4j/net/DefaultEvaluator.class

I got some suggestions about using -digestalg SHA-1 but I do not know where I should put this statement!

I hope you can help me to fix the problem.

Answer

rzymek picture rzymek · Apr 15, 2013

This error can also happen when the jar is signed twice.

The solution was to 'unsign' the jar by deleting *.SF, *.DSA, *.RSA files from the jar's META-INF and then signing the jar again.

Related questions

Can not run Java Applets in Internet Explorer 11 using JRE 7u51

Today I updated my Java version to 7u51. After the installation, I cleared Java Cache, browser's Cache, and logged into a secure website that uses an Applet to provide certain additional services to the user. The applet is not working …

Read More
I am not able launch JNLP applications using "Java Web Start"?

Up until recently, I was able to launch/open JNLP files in Firefox using Java web start. Don't know what happened all of a sudden JNLP files stopped launching, a splash screen appears saying Java Starting... and then nothing happens. …

Read More
SecurityException during executing jnlp file (Missing required Permissions manifest attribute in main jar)

OS: Windows 7 64 bit Java: jdk1.7.0_51 I have a jnlp file. When I double click on this, exception is occurred as below: Application Error: Unable to launch the application Exception: java.lang.SecurityException: Missing required Permissions manifest attribute in main jar

Read More