Exception in thread “main” java.lang.SecurityException: Invalid signature file digest for Manifest main attributes
Exception in thread \"main\" java.lang.SecurityException: Invalid signature file d igest for Manifest main attributes
at sun.security.util
-
This error means that maven shade plugin has modified one of your dependencies hence the signature for those libraries are invalid.
remove the signature files is a work around and a solution depending on your use case. For me it is a bad practice so I ended up replacing the maven shade plugin for Apache Maven Assembly Plugin to create the jar with the dependencies and seems to work https://maven.apache.org/plugins/maven-assembly-plugin/
example:
<plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-assembly-plugin</artifactId> <executions> <execution> <phase>package</phase> <goals> <goal>single</goal> </goals> <configuration> <archive> <manifest> <mainClass> your.class.with.main.method </mainClass> </manifest> </archive> <descriptorRefs> <descriptorRef>jar-with-dependencies</descriptorRef> </descriptorRefs> </configuration> </execution> </executions> </plugin>build your jar with dependencies included:
mvn package讨论(0) -
After surfing the internet for hours, and still unable to find the solution, I stumbled upon this command which solved my problem:
zip -d yourjar.jar 'META-INF/.SF' 'META-INF/.RSA' 'META-INF/*SF'This command rips off the signature files for the previous jars, and then once you sign it you'l find no error.
讨论(0) -
I was trying to create an uber jar with maven and ran in to this problem and I was able to solve the issue as follows.
Here is how I configured the
shadeplugin to includetwitter4jto my uber jar.<plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-shade-plugin</artifactId> <version>2.4.2</version> <executions> <execution> <phase>package</phase> <goals> <goal>shade</goal> </goals> <configuration> <filters> <filter> <artifact>spark-streaming-twitter_2.10:spark-streaming-twitter_2.10</artifact> <includes> <include>**</include> </includes> </filter> <filter> <artifact>twitter4j-stream:twitter4j-stream</artifact> <includes> <include>**</include> </includes> </filter> <filter> <artifact>*:*</artifact> <excludes> <exclude>META-INF/*.SF</exclude> <exclude>META-INF/*.DSA</exclude> <exclude>META-INF/*.RSA</exclude> </excludes> </filter> </filters> </configuration> </execution> </executions> </plugin>Hope this helps.
讨论(0) -
I was having similar issues, I added Bounty Castle dependency that was causing this error. Just removed it and after that it worked okay.
讨论(0) -
I think i got the solution for my own question, addition of tags mentioned below to the
pom.xmlsolves the issue:<excludes> <exclude>META-INF/*.SF</exclude> <exclude>META-INF/*.DSA</exclude> <exclude>META-INF/*.RSA</exclude> <exclude>junit:junit</exclude> <exclude>org.apache.maven:lib:tests</exclude> </excludes>http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Signed_JAR_File
讨论(0) -
The following Stackexchange question and answer worked for me. It uses a filter instead of and artifactSet exclude. I have tried the solutions in the above answer and it didn't work.
"Invalid signature file" when attempting to run a .jar
讨论(0)
加载中...
- 热议问题