I have problems with signing jar files. I have some files in META-INF directory and they do NOT get signed when I use jarsigner, but then, the verification fails because of unsigned entries.
I'm not creating the jar, so I cannot change its structure and/or remove files.
How to get files from META-INF signed?
Here is the part of build.xml file that is manipulating the JAR file:
1345 <jar destfile="${proj.build.webui.war.dir}/name.jar"
1346 update="true">
1347 <manifest>
1348 <attribute name="Permissions"
1349 value="all-permissions"/>
1350 <attribute name="Codebase"
1351 value="*"/>
1352 <attribute name="Trusted-Library"
1353 value="true"/>
1354 </manifest>
1355 </jar>
1356 <!-- sign the jar files -->
1357 <chmod perm="u+x">
1358 <fileset dir="${proj.buildtools.dir}">
1359 <include name="DsJarSigner"/>
1360 </fileset>
1361 </chmod>
1362 <signjar destDir="${proj.build.webui.war.dir}"
1363 alias="encryptedAlias"
1364 keystore="${proj.buildtools.dir}/keystore.jks"
1365 storepass="encryptedPassword"
1366 executable="${proj.buildtools.dir}/DsJarSigner"
1367 preservelastmodified="true" >
1368 <path>
1369 <fileset dir="${proj.build.webui.war.dir}" includes="name.jar" />
1370 </path>
1371 <flattenmapper />
1372 </signjar>
DsJarSigner is a simple Java program calling jarsigner.