Java 尝试运行 jar 文件时,Manifest 主要属性异常的无效签名文件摘要
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/34855649/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Invalid signature file digest for Manifest main attributes exception while trying to run jar file
提问by Fay007
I am trying to run the jar file of my project. I am working on intelliJ and have use artifacts to generate the jar file. But everytime i am trying to run my jar file its giving me exception.
我正在尝试运行我的项目的 jar 文件。我正在研究 intelliJ 并使用工件来生成 jar 文件。但是每次我试图运行我的 jar 文件时,它都会给我一个例外。
java.lang.SecurityException: Invalid signature file digest for Manifest main attributes
at sun.security.util.SignatureFileVerifier.processImpl(SignatureFileVerifier.java:284)
at sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:238)
at java.util.jar.JarVerifier.processEntry(JarVerifier.java:316)
at java.util.jar.JarVerifier.update(JarVerifier.java:228)
at java.util.jar.JarFile.initializeVerifier(JarFile.java:383)
at java.util.jar.JarFile.getInputStream(JarFile.java:450)
at sun.misc.JarIndex.getJarIndex(JarIndex.java:137)
at sun.misc.URLClassPath$JarLoader.run(URLClassPath.java:839)
at sun.misc.URLClassPath$JarLoader.run(URLClassPath.java:831)
at java.security.AccessController.doPrivileged(Native Method)
at sun.misc.URLClassPath$JarLoader.ensureOpen(URLClassPath.java:830)
at sun.misc.URLClassPath$JarLoader.<init>(URLClassPath.java:803)
at sun.misc.URLClassPath.run(URLClassPath.java:530)
at sun.misc.URLClassPath.run(URLClassPath.java:520)
at java.security.AccessController.doPrivileged(Native Method)
at sun.misc.URLClassPath.getLoader(URLClassPath.java:519)
at sun.misc.URLClassPath.getLoader(URLClassPath.java:492)
at sun.misc.URLClassPath.getNextLoader(URLClassPath.java:457)
at sun.misc.URLClassPath.getResource(URLClassPath.java:211)
at java.net.URLClassLoader.run(URLClassLoader.java:365)
at java.net.URLClassLoader.run(URLClassLoader.java:362)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:361)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:331)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:495)
Error: A JNI error has occurred, please check your installation and try again
Exception in thread "main"
And this is my manifest file:
这是我的清单文件:
Manifest-Version: 1.0
Main-Class: Main
Then the external libraries added to my project
然后外部库添加到我的项目中
What am i doing wrong??
我究竟做错了什么??
update
更新
采纳答案by hagrawal
Some of your dependency JARs is a signed JAR, so when you combine then all in one JAR and run that JAR then signature of the signed JAR doesn't match up and hence you get the security exception about signature mis-match.
您的某些依赖 JAR 是签名的 JAR,因此当您将所有 JAR 合并到一个 JAR 中并运行该 JAR 时,签名的 JAR 的签名不匹配,因此您会收到有关签名不匹配的安全异常。
To fix this you need to first identify which all dependency JARs are signed JARs and then exclude them. Depending upon whether you are using MAVEN or ANT, you have to take appropriate solution. Below are but you can read more here, hereand here.
要解决这个问题,您需要首先确定哪些所有依赖 JAR 是签名的 JAR,然后排除它们。根据您使用的是 MAVEN 还是 ANT,您必须采取适当的解决方案。以下是但您可以在此处、此处和此处阅读更多信息。
Maven:
马文:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.6</version>
<executions>
<execution>
<id>unpack-dependencies</id>
<phase>package</phase>
<goals>
<goal>unpack-dependencies</goal>
</goals>
<configuration>
<excludeScope>system</excludeScope>
<excludes>META-INF/*.SF</excludes>
<excludes>META-INF/*.DSA</excludes>
<excludes>META-INF/*.RSA</excludes>
<excludeGroupIds>junit,org.mockito,org.hamcrest</excludeGroupIds>
<outputDirectory>${project.build.directory}/classes</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
ANT:
蚂蚁:
<jar destfile="app.jar" basedir="${classes.dir}">
<zipfileset excludes="META-INF/**/*" src="${lib.dir}/bcprov-jdk16-145.jar"></zipfileset>
<manifest>
<attribute name="Main-Class" value="app.Main"/>
</manifest>
</jar>
Update based on OP's comment:
根据 OP 的评论更新:
"sqljdbc4.jar" was the signed JAR in OP's external libraries. So, following above approach to systematically exclude the signature related files like .SF, .RSA or .DES or other algorithms files is the right way to move forward.
“sqljdbc4.jar”是 OP 外部库中的签名 JAR。因此,按照上述方法系统地排除签名相关文件,如 .SF、.RSA 或 .DES 或其他算法文件是前进的正确方法。
If these signature files are not excluded then security exception will occur because of signature mismatch.
如果不排除这些签名文件,则会因为签名不匹配而发生安全异常。
How to know if a JAR is signed or not?:If a JAR contains files like files like .SF, .RSA or .DES or other algorithms files, then it is a signed JAR.
如何知道 JAR 是否已签名?:如果 JAR 包含诸如 .SF、.RSA 或 .DES 之类的文件或其他算法文件,则它是已签名的 JAR。
回答by Cristián Hidalgo
Instead of deleting the META-INF file, I changed the method in the Artifact definition. I deleted the "Extracted" library from the Artifact and added it again as "Put into Output Root".
我没有删除 META-INF 文件,而是更改了工件定义中的方法。我从 Artifact 中删除了“Extracted”库,并再次将其添加为“Put into Output Root”。
This way the library will be incorporated without any changes in the new jar file, which I assume is the objective of signing the library...
这样,库将被合并,而不会在新的 jar 文件中进行任何更改,我认为这是对库进行签名的目标...
By the way, I am also using the sqljdbc.jar.
顺便说一下,我也在使用 sqljdbc.jar。
回答by Coffee_fan
In my case, I am working with an uber-jar via maven-shade-plugin and @ruhsuzbaykus answer herewas the solution. The strategy seems very similar to what @hagrawal proposes but the exclusions are added as a filter configuration of maven-shade-plugin.
就我而言,我正在通过 maven-shade-plugin 使用 uber-jar,@ruhsuzbaykus 的答案是这里的解决方案。该策略似乎与@hagrawal 提出的策略非常相似,但将排除项添加为 maven-shade-plugin 的过滤器配置。
回答by Ted
I put the plugin snippet into pom.xml but in the generated jar file there is still META-INF/BCKEY.DSA I am using Maven 3.6.0 and Java 1.8 build 191
我将插件片段放入 pom.xml 但在生成的 jar 文件中仍然有 META-INF/BCKEY.DSA 我使用的是 Maven 3.6.0 和 Java 1.8 build 191
