This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Java in General and the fly likes invalid SHA1 signature file digest Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "invalid SHA1 signature file digest" Watch "invalid SHA1 signature file digest" New topic
Author

invalid SHA1 signature file digest

Nassar Mohanad
Greenhorn

Joined: Nov 16, 2011
Posts: 3
I have been trying to verify the Jar signing:

jarsigner -verify -verbose -certs example.jar

I got the following problem:

jarsigner: java.lang.SecurityException: invalid SHA1 signature file digest for o
rg/apache/log4j/net/DefaultEvaluator.class

I got some suggestions about using -digestalg SHA-1 but I do not know where I should put this statement!

I hope you can help me to fix the problem.
Nassar Mohanad
Greenhorn

Joined: Nov 16, 2011
Posts: 3
Here is the solution:

jarsigner -keystore mykeystore -digestalg SHA1 jarfile alias

To verify:

jarsigner -verify -verbose -certs jarfile
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: invalid SHA1 signature file digest
 
Similar Threads
Two questions about applet security
using bouncy castle jce provider??
Programmatically repacking and signing jar, veryfing problem
implementing secured jboss deployment
Looking for a good example/explanation