1

我正在尝试使用以下 pom.xml 配置对 jar 文件进行签名。

            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-jarsigner-plugin</artifactId>
                <version>1.4</version>
                <executions>
                    <execution>
                        <id>sign</id>
                        <phase>package</phase>
                        <goals>
                            <goal>sign</goal>
                        </goals>
                    </execution>
                </executions>
                <configuration>
                    <archive>${basedir}/target/ROOT.jar</archive>
                    <keystore>${basedir}/keystore.jks</keystore>
                    <alias>my_certificate_alias</alias>
                    <storepass>123456</storepass>
                    <keypass>123456</keypass>
                </configuration>
            </plugin>

keystore.jks 与 pom.xml 位于同一文件夹中。运行“mvn clean package”后,ROOT.jar 在目标中可用。allias 是正确的,使用的密码也是正确的。

当我使用“jarsigner -verify path\to\target\ROOT.jar”验证 jar 时

我得到“jar 未签名”。有人知道我的 pom 有什么问题吗?

编辑:Apache Maven 3.5.2 Java 版本:1.8.0_161 完整 Pom:

<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns="http://maven.apache.org/POM/4.0.0"
     xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.microsoft.tfs.demo</groupId>
  <artifactId>DeepSpace</artifactId>

  <packaging>jar</packaging>
  <version>1.0-SNAPSHOT</version>
  <name>Deep Space Bootcamp Sample App</name>
  <url>http://maven.apache.org</url>

  <properties>
      <mvn.compiler.version>3.0</mvn.compiler.version>
       <maven.jetty.version>6.1.12</maven.jetty.version>
      <jersey.version>2.17</jersey.version>
  </properties>

  <dependencies>
    <dependency>
        <groupId>org.glassfish.jersey.containers</groupId>
        <artifactId>jersey-container-servlet-core</artifactId>
        <version>${jersey.version}</version>
    </dependency>

    <dependency>
        <groupId>org.glassfish.jersey.media</groupId>
        <artifactId>jersey-media-json-jackson</artifactId>
        <version>${jersey.version}</version>
    </dependency>

    <dependency>
        <groupId>junit</groupId>
        <artifactId>junit</artifactId>
        <version>4.11</version>
        <scope>test</scope>
    </dependency>
</dependencies>

<build>
    <pluginManagement>
        <plugins>
            <plugin>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>${mvn.compiler.version}</version>
                <configuration>
                    <compilerArgument>-Xlint:unchecked</compilerArgument>
                    <source>1.6</source>
                    <target>1.6</target>
                </configuration>
            </plugin>

            <plugin>
                <groupId>org.mortbay.jetty</groupId>
                <artifactId>maven-jetty-plugin</artifactId>
                <version>${maven.jetty.version}</version>
                <configuration>
                    <scanIntervalSeconds>5</scanIntervalSeconds>
                    <contextPath>/</contextPath>
                    <connectors>
                        <connector implementation="org.mortbay.jetty.nio.SelectChannelConnector">
                            <port>3030</port>
                            <maxIdleTime>60000</maxIdleTime>
                            <headerBufferSize>16384</headerBufferSize>
                        </connector>
                    </connectors>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-jarsigner-plugin</artifactId>
                <version>1.4</version>
                <executions>
                    <execution>
                        <id>signer</id>
                        <phase>prepare-package</phase>
                        <goals>
                            <goal>sign</goal>
                        </goals>
                    </execution>
                </executions>
                <configuration>
                    <archive>${basedir}/target/ROOT.jar</archive>
                    <keystore>${basedir}/keystore.jks</keystore>
                    <alias>my_certificate_alias</alias>
                    <storepass>123456</storepass>
                    <keypass>123456</keypass>
                </configuration>
            </plugin>
        </plugins>
    </pluginManagement>
    <finalName>ROOT</finalName>
</build>

4

1 回答 1

3

我假设完整的 POM 是正确的(它与您的初始片段不同)。

jarsigner声明移到该<pluginManagement>部分之外:

<build>
  <pluginManagement>
     <plugins>
       ... <!-- Move the jarsigner from here -->
     </plugins>
  </pluginManagement>
  <plugins>
    <!-- To here: -->
    <plugin>
      <groupId>org.apache.maven.plugins</groupId>
      <artifactId>maven-jarsigner-plugin</artifactId>
      <version>1.4</version>
      <executions>
        <execution>
          <id>signer</id>
          <phase>prepare-package</phase>
          <goals>
            <goal>sign</goal>
          </goals>
         </execution>
      </executions>
      <configuration>
        <archive>${basedir}/target/ROOT.jar</archive>
        <keystore>${basedir}/keystore.jks</keystore>
        <alias>my_certificate_alias</alias>
        <storepass>123456</storepass>
        <keypass>123456</keypass>
      </configuration>
    </plugin>
  </plugins>
</build>

接下来,将<phase>from更改prepare-packagepackage

  <execution>
    <id>signer</id>
    <phase>package</phase>  <!-- The JAR is not created in prepare-package -->
    <goals>
      <goal>sign</goal>
    </goals>
  </execution>
于 2018-02-09T12:47:28.987 回答