This week's book giveaway is in the OCPJP forum.
We're giving away four copies of OCA/OCP Java SE 7 Programmer I & II Study Guide and have Kathy Sierra & Bert Bates on-line!
See this thread for details.
The moose likes Java in General and the fly likes invalid SHA1 signature file digest Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "invalid SHA1 signature file digest" Watch "invalid SHA1 signature file digest" New topic
Author

invalid SHA1 signature file digest

Nassar Mohanad
Greenhorn

Joined: Nov 16, 2011
Posts: 3
I have been trying to verify the Jar signing:

jarsigner -verify -verbose -certs example.jar

I got the following problem:

jarsigner: java.lang.SecurityException: invalid SHA1 signature file digest for o
rg/apache/log4j/net/DefaultEvaluator.class

I got some suggestions about using -digestalg SHA-1 but I do not know where I should put this statement!

I hope you can help me to fix the problem.
Nassar Mohanad
Greenhorn

Joined: Nov 16, 2011
Posts: 3
Here is the solution:

jarsigner -keystore mykeystore -digestalg SHA1 jarfile alias

To verify:

jarsigner -verify -verbose -certs jarfile
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: invalid SHA1 signature file digest