Testing just now with webstart on windows with JDK version 1.5 I came across an error where webstart refused to launch my application claiming "found unsigned entry in resource". In other words, it claimed that my jar file was not properly signed. But the jar file IS properly signed, and worked fine with java 1.4.
A little research on forum.java.sun showed that others have had this problem and that the solution is simply to try again. After reloading the jnlp file three times, the problem went away.
I don't like the idea that my customers may have to do this. They would probably assume there was an error in our application, not an error in WebStart, and might not be willing to re-try three times.
Anyone else seen this problem?
Know any work-arounds? Maybe I need to use a jdk1.5 jarsigner rather than the jdk1.4 jarsigner?
I have this problem as well with 1.5.0. I get the error the first time I try to start the app when it needs to download the jars - when I click the link again, it tries again and downloads it without complaining about anything.
Hi Somaiah & Damian, I already have the "Keep temporary files on my computer" option checked and yet face the issue. Any other workaround? My application is slightly different though: it is a JavaFX 2.0 application signed using JavaFX's <fx:signjar> ant target. Any pointers would be highly appreciated!
Also, can we not run a JNLP app without signing it in the first place?
I'm not sure whether Somaiah and Damian still visit this forum, as they both posted only once some time ago.
Other people here might still be able to help you, though. You should probably tell us what your problem is (the exact error message etc.). In any case, you can use
to see whether the file is correctly signed.
I have a similar problem to shrihari. I'm building a JavaFX application with extensive reference to 3rd party libraries. I removed the signatures from all the files and then resigned using the option in Netbeans, under project properties.
I'm getting the security error as mentioned however.
com.sun.deploy.net.JARSigningException: Found unsigned entry in resource: file:/C:/NetBeansProjects/Besieged/dist/Besieged.jar
at com.sun.javaws.security.SigningInfo.getCommonCodeSignersForJar(Unknown Source)
at com.sun.javaws.security.SigningInfo.check(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(Unknown Source)
at sun.plugin2.applet.JNLP2Manager.prepareLaunchFile(Unknown Source)
at sun.plugin2.applet.JNLP2Manager.loadJarFiles(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
I've checked using jarsigner -verify on the file in question, after I built the project.
The answer I get to that query is:
This jar contains entries whose certificate chain is not validated.
(I also get a 6 month expiry warning, not sure that matters too much).
Also in windows control panel -> java control panel -> settings -> temporary internet files (as per suggestion above), the cache is switched on, eliminating one particular workaround.