Interesting Jar Signing Issue
I started out creating my key with:
keytool -genkey -keystore myKeystore -alias newKey
keytool -genkey -selfcert -alias newKey -keystore myKeystore
I then proceeded to successfully sign and verify 8 jar files using:
jarsigner -keystore myKeystore MyClass.jar newKey
jarsigner -verify MyClass.jar
On the 9th and 10th jar files the verify came back with this error:
jarsigner: java.io.IOException: invalid manifest format
On the 9th jar file I un-jarred it and then re-jarred it again. I then signed it and verified it properly.
It is the 10th jar file that I cannot verify the signature for the life of me. I have gone though all of the above processes multiple times and have accomplished nothing besides losing a bit of hair! I do not understand this error because I am not modifying the manifest file whatsoever. It is just the plain jane vanilla manifest file that the jar command creates for you.
Basically I will sign the jar file and everything appears to be ok. When I verify I get the invalid manifest format error. If I try to sign the jar file again even with a different key I also get the invalid manifest error. It is almost as if jarsigner is trashing my manifest file. What should I do?!?
Help would be appreciated!
Phil
