0

I have a program that generates two JAR files from the maven-assembly-plugin. I want to use the maven-jarsigner-plugin to sign both jars. When I apply the the basic jarsigner, it only signs one of the JARS. When I add the archive directory field:

<archiveDirectory>${project.basedir}/target</archiveDirectory>

It fails either with a generic 'failed executing' the sign command or that it cannot rename the .jar to .jar.orig while signing the second jar. The only thing that would/could be using the jar is the build process itself. Has anyone else seen this? This works fine when I remove the 'archiveDirectory' line above and just build one jar, commenting the other out. 

<build>
    <plugins>
        <plugin>
            <artifactId>maven-assembly-plugin</artifactId>
            <version>2.4</version>
            <executions>
                <execution>
                    <id>build-first</id>
                    <configuration>
                        <appendAssemblyId>false</appendAssemblyId>
                        <archive>
                            <manifest>
                                <mainClass>my.class.Executive</mainClass>
                            </manifest>
                            <manifestEntries>
                                <Class-Path>.</Class-Path>
                            </manifestEntries>
                        </archive>
                        <descriptorRefs>
                            <descriptorRef>jar-with-dependencies</descriptorRef>
                        </descriptorRefs>
                        <finalName>DaExecutive</finalName>
                    </configuration>
                    <phase>package</phase>
                    <goals>
                        <goal>single</goal>
                    </goals>
                </execution>
                <execution>
                    <id>build-second</id>
                    <configuration>
                        <appendAssemblyId>false</appendAssemblyId>
                        <archive>
                            <manifest>
                                <mainClass>my.class.ExampleGUI</mainClass>
                            </manifest>
                            <manifestEntries>
                                <Class-Path>.</Class-Path>
                            </manifestEntries>
                        </archive>
                        <descriptorRefs>
                            <descriptorRef>jar-with-dependencies</descriptorRef>
                        </descriptorRefs>
                        <finalName>ExampleAppGui</finalName>
                    </configuration>
                    <phase>package</phase>
                    <goals>
                        <goal>single</goal>
                    </goals>
                </execution>
            </executions>
        </plugin>
        <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-jarsigner-plugin</artifactId>
            <version>1.4</version>
            <executions>
                <execution>
                    <id>sign</id>
                    <goals>
                        <goal>sign</goal>
                    </goals>
                </execution>
            </executions>
            <configuration>

              <archiveDirectory>${project.basedir}/target</archiveDirectory>                   
                <keystore>${project.basedir}/myKeystore.jks</keystore>
                <storepass>pw</storepass>
                <alias>ABC</alias>
                <verify>false</verify>
            </configuration>
        </plugin>
    </plugins>
</build>

Here is the verbose error output:

[DEBUG] Processing     C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\ExampleAppGui.jar
[DEBUG] cmd.exe /X /C ""C:\Program Files\Java\jdk1.8.0_181\jre\..\bin\jarsigner.exe" -keystore C:\Users\atalak\Desktop\GitRepo\DataAdapter/myKeystore.jks -storepass ***** C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\ExampleAppGui.jar key_2017"
[DEBUG] Executing: cmd.exe /X /C ""C:\Program Files\Java\jdk1.8.0_181\jre\..\bin\jarsigner.exe" -keystore C:\Users\atalak\Desktop\GitRepo\DataAdapter/myKeystore.jks -storepass ***** C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\ExampleAppGui.jar key_2017"
[DEBUG] jar signed.
[DEBUG] 
[DEBUG] Warning: 
[DEBUG] The signer certificate will expire within six months.
[DEBUG] No -tsa or -tsacert is provided and this jar is not timestamped. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (2019-03-15) or after any future revocation date.
[DEBUG] Processing C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\DaExecutive.jar
[DEBUG] cmd.exe /X /C ""C:\Program Files\Java\jdk1.8.0_181\jre\..\bin\jarsigner.exe" -keystore C:\Users\atalak\Desktop\GitRepo\DataAdapter/myKeystore.jks -storepass ***** C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\DaExecutive.jar key_2017"
[DEBUG] Executing: cmd.exe /X /C ""C:\Program Files\Java\jdk1.8.0_181\jre\..\bin\jarsigner.exe" -keystore C:\Users\atalak\Desktop\GitRepo\DataAdapter/myKeystore.jks -storepass ***** C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\DaExecutive.jar key_2017"
[DEBUG] jarsigner: attempt to rename C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\DaExecutive.jar to C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\DaExecutive.jar.orig failed
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 36.631 s
[INFO] Finished at: 2018-10-22T12:29:33-04:00
[INFO] Final Memory: 28M/694M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-jarsigner-plugin:1.4:sign (sign) on project DataAdapter: Failed executing 'cmd.exe /X /C ""C:\Program Files\Java\jdk1.8.0_181\jre\..\bin\jarsigner.exe" -keystore C:\Users\atalak\Desktop\GitRepo\DataAdapter/myKeystore.jks -storepass ***** C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\DaExecutive.jar key_2017"' - exitcode 1 -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.apache.maven.plugins:maven-jarsigner-plugin:1.4:sign (sign) on project DataAdapter: Failed executing 'cmd.exe /X /C ""C:\Program Files\Java\jdk1.8.0_181\jre\..\bin\jarsigner.exe" -keystore C:\Users\atalak\Desktop\GitRepo\DataAdapter/myKeystore.jks -storepass ***** C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\DaExecutive.jar key_2017"' - exitcode 1
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:212)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:116)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:80)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:307)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:193)
    at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:106)
    at org.apache.maven.cli.MavenCli.execute(MavenCli.java:863)
    at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:288)
    at org.apache.maven.cli.MavenCli.main(MavenCli.java:199)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
Caused by: org.apache.maven.plugin.MojoExecutionException: Failed executing 'cmd.exe /X /C ""C:\Program Files\Java\jdk1.8.0_181\jre\..\bin\jarsigner.exe" -keystore C:\Users\atalak\Desktop\GitRepo\DataAdapter/myKeystore.jks -storepass ***** C:\Users\atalak\Desktop\GitRepo\DataAdapter\target\DaExecutive.jar key_2017"' - exitcode 1
    at org.apache.maven.plugins.jarsigner.AbstractJarsignerMojo.processArchive(AbstractJarsignerMojo.java:515)
    at org.apache.maven.plugins.jarsigner.AbstractJarsignerMojo.execute(AbstractJarsignerMojo.java:343)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:134)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:207)
    ... 20 more
[ERROR] 
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
Tacitus86
  • 1,314
  • 2
  • 14
  • 36
  • "[DEBUG] jarsigner: attempt to rename" something is locking your jar – Gnk Oct 22 '18 at 17:05
  • Yes, but the only thing that would be doing that is the build itself... I've closed eclipse, restarted the machine. The jar is literally being built in the same process, so only maven could be locking it. – Tacitus86 Oct 22 '18 at 18:21

2 Answers2

0

Check this project, I have made it based on your code.

It signs 3 jar archives.

My plugin tag looks like:

<plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-jarsigner-plugin</artifactId>
                <version>1.4</version>
                <executions>
                    <execution>
                        <id>sign</id>
                        <goals>
                            <goal>sign</goal>
                        </goals>
                    </execution>
                    <execution>
                        <id>verify</id>
                        <goals>
                            <goal>verify</goal>
                        </goals>
                    </execution>
                </executions>
                <configuration>
                    <verbose>true</verbose>
                    <certs>true</certs>
                    <keystore>${basedir}/server.jks</keystore>
                    <alias>server</alias>
                    <storepass>masterkey</storepass>
                    <keypass>masterkey</keypass>
                </configuration>
            </plugin>

It looks like this is the only difference.

Run:

mvn clean package

to generate the archives.

Finally, I figure out why it's not working: remove <appendAssemblyId>false</appendAssemblyId> from both executions. I committed the source code on GitHub.

  • I'm using mvn Clean Install. But also tried Clean Package but I still only get "1 archive(s) processed" in the output. I mirrored your pom settings. – Tacitus86 Oct 22 '18 at 18:15
  • Could it have anything to do with each jar basically being the same code aside from a different main? – Tacitus86 Oct 22 '18 at 18:20
  • I tried this today and it doesn't seem to work on my end. If I remove the appendAssemblyId, I get my outputs being DaExecutive-jar-with-dependencies.jar, etc and also run into the 'cannot rename this .jar to jar.orig" – Tacitus86 Oct 23 '18 at 14:51
0

You set the directory in maven-jarsigner-plugin, maybe he is the one locking your file try 1 plugin for each jar like that

    <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-jarsigner-plugin</artifactId>
        <version>1.4</version>
        <executions>
            <execution>
                <id>sign</id>
                <goals>
                    <goal>sign</goal>
                </goals>
            </execution>
        </executions>
        <configuration>
            <archive>${project.basedir}/target/ExampleAppGui.jar</archive>
            <keystore>${project.basedir}/myKeystore.jks</keystore>
            <storepass>pw</storepass>
            <alias>ABC</alias>
            <verify>false</verify>
        </configuration>
    </plugin>

    <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-jarsigner-plugin</artifactId>
        <version>1.4</version>
        <executions>
            <execution>
                <id>sign</id>
                <goals>
                    <goal>sign</goal>
                </goals>
            </execution>
        </executions>
        <configuration>
            <archive>${project.basedir}/target/DaExecutive.jar</archive>
            <keystore>${project.basedir}/myKeystore.jks</keystore>
            <storepass>pw</storepass>
            <alias>ABC</alias>
            <verify>false</verify>
        </configuration>
    </plugin>
Gnk
  • 645
  • 4
  • 11