Wolfgang Rosenauer wrote: >>> So I wonder how it could pass the crypto verification? >> What are the contents of testy.jar exactly? Does it include the META-INF >> subdirectory with manifest.mf and zigbert.{sf,rsa}? Otherwise, the above >> message is simply what you get when checking an unsigned jar: > > 5301 02-07-07 15:17 content/META-INF/zigbert.sf > 3469 02-07-07 15:17 content/META-INF/zigbert.rsa > 5193 02-07-07 15:17 content/META-INF/manifest.mf > > I did one more test and created the jar by signtool's -Z option instead > of signing the tree and "zip" it afterwards and that worked. But > according to the documentation it should also be possible to zip a > signed tree instead of using signtool's feature.
ok, META-INF stuff has to be in the top level directory structure which wasn't the case if signtool was called with content/ as path and I want content/ to be actually within the jar. No problem, but only a pilot error then! Wolfgang _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto