File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Java in General and the fly likes invalid SHA1 signature file digest Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "invalid SHA1 signature file digest" Watch "invalid SHA1 signature file digest" New topic
Author

invalid SHA1 signature file digest

Nassar Mohanad
Greenhorn

Joined: Nov 16, 2011
Posts: 3
I have been trying to verify the Jar signing:

jarsigner -verify -verbose -certs example.jar

I got the following problem:

jarsigner: java.lang.SecurityException: invalid SHA1 signature file digest for o
rg/apache/log4j/net/DefaultEvaluator.class

I got some suggestions about using -digestalg SHA-1 but I do not know where I should put this statement!

I hope you can help me to fix the problem.
Nassar Mohanad
Greenhorn

Joined: Nov 16, 2011
Posts: 3
Here is the solution:

jarsigner -keystore mykeystore -digestalg SHA1 jarfile alias

To verify:

jarsigner -verify -verbose -certs jarfile
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: invalid SHA1 signature file digest
 
Similar Threads
Programmatically repacking and signing jar, veryfing problem
Looking for a good example/explanation
Two questions about applet security
using bouncy castle jce provider??
implementing secured jboss deployment