1

I am trying to sign a jar file with the following pom.xml config. 

            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-jarsigner-plugin</artifactId>
                <version>1.4</version>
                <executions>
                    <execution>
                        <id>sign</id>
                        <phase>package</phase>
                        <goals>
                            <goal>sign</goal>
                        </goals>
                    </execution>
                </executions>
                <configuration>
                    <archive>${basedir}/target/ROOT.jar</archive>
                    <keystore>${basedir}/keystore.jks</keystore>
                    <alias>my_certificate_alias</alias>
                    <storepass>123456</storepass>
                    <keypass>123456</keypass>
                </configuration>
            </plugin>

keystore.jks is located in the same folder as the pom.xml. ROOT.jar is available in target after running "mvn clean package". allias is correct and so are the passwords used.

When I verify the jar with "jarsigner -verify path\to\target\ROOT.jar"

I get "jar is unsigned." Does anyone have a clue what is wrong with my pom?

Edit: Apache Maven 3.5.2 Java version: 1.8.0_161 Full Pom:

<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns="http://maven.apache.org/POM/4.0.0"
     xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.microsoft.tfs.demo</groupId>
  <artifactId>DeepSpace</artifactId>

  <packaging>jar</packaging>
  <version>1.0-SNAPSHOT</version>
  <name>Deep Space Bootcamp Sample App</name>
  <url>http://maven.apache.org</url>

  <properties>
      <mvn.compiler.version>3.0</mvn.compiler.version>
       <maven.jetty.version>6.1.12</maven.jetty.version>
      <jersey.version>2.17</jersey.version>
  </properties>

  <dependencies>
    <dependency>
        <groupId>org.glassfish.jersey.containers</groupId>
        <artifactId>jersey-container-servlet-core</artifactId>
        <version>${jersey.version}</version>
    </dependency>

    <dependency>
        <groupId>org.glassfish.jersey.media</groupId>
        <artifactId>jersey-media-json-jackson</artifactId>
        <version>${jersey.version}</version>
    </dependency>

    <dependency>
        <groupId>junit</groupId>
        <artifactId>junit</artifactId>
        <version>4.11</version>
        <scope>test</scope>
    </dependency>
</dependencies>

<build>
    <pluginManagement>
        <plugins>
            <plugin>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>${mvn.compiler.version}</version>
                <configuration>
                    <compilerArgument>-Xlint:unchecked</compilerArgument>
                    <source>1.6</source>
                    <target>1.6</target>
                </configuration>
            </plugin>

            <plugin>
                <groupId>org.mortbay.jetty</groupId>
                <artifactId>maven-jetty-plugin</artifactId>
                <version>${maven.jetty.version}</version>
                <configuration>
                    <scanIntervalSeconds>5</scanIntervalSeconds>
                    <contextPath>/</contextPath>
                    <connectors>
                        <connector implementation="org.mortbay.jetty.nio.SelectChannelConnector">
                            <port>3030</port>
                            <maxIdleTime>60000</maxIdleTime>
                            <headerBufferSize>16384</headerBufferSize>
                        </connector>
                    </connectors>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-jarsigner-plugin</artifactId>
                <version>1.4</version>
                <executions>
                    <execution>
                        <id>signer</id>
                        <phase>prepare-package</phase>
                        <goals>
                            <goal>sign</goal>
                        </goals>
                    </execution>
                </executions>
                <configuration>
                    <archive>${basedir}/target/ROOT.jar</archive>
                    <keystore>${basedir}/keystore.jks</keystore>
                    <alias>my_certificate_alias</alias>
                    <storepass>123456</storepass>
                    <keypass>123456</keypass>
                </configuration>
            </plugin>
        </plugins>
    </pluginManagement>
    <finalName>ROOT</finalName>
</build>

Akah
  • 1,890
  • 20
  • 28
Igor
  • 323
  • 2
  • 13

1 Answers1

3

I am assuming that the full POM is the correct one (it differs from your initial snippet).

Move the jarsigner declaration outside the <pluginManagement> section:

<build>
  <pluginManagement>
     <plugins>
       ... <!-- Move the jarsigner from here -->
     </plugins>
  </pluginManagement>
  <plugins>
    <!-- To here: -->
    <plugin>
      <groupId>org.apache.maven.plugins</groupId>
      <artifactId>maven-jarsigner-plugin</artifactId>
      <version>1.4</version>
      <executions>
        <execution>
          <id>signer</id>
          <phase>prepare-package</phase>
          <goals>
            <goal>sign</goal>
          </goals>
         </execution>
      </executions>
      <configuration>
        <archive>${basedir}/target/ROOT.jar</archive>
        <keystore>${basedir}/keystore.jks</keystore>
        <alias>my_certificate_alias</alias>
        <storepass>123456</storepass>
        <keypass>123456</keypass>
      </configuration>
    </plugin>
  </plugins>
</build>

Next, change the <phase> from prepare-package to package:

  <execution>
    <id>signer</id>
    <phase>package</phase>  <!-- The JAR is not created in prepare-package -->
    <goals>
      <goal>sign</goal>
    </goals>
  </execution>
Daniel
  • 4,033
  • 4
  • 24
  • 33