由于时间戳请求拒绝,webstart-maven-plugin 无法签署 jar

webstart-maven-plugin can not sign jar due to timestamp request rejection

我们有一个项目使用 webstart-maven-plugin 创建一个 Java Webstart JNLP 工件。

但是在maven编译时我总是得到

[ERROR] Failed to execute goal org.codehaus.mojo:webstart-maven-plugin:1.0-beta-6:jnlp-download-servlet (default) on project webstart: Could not sign jar ...\target\jnlp\libs\unprocessed_commons-codec-1.10.jar, use -X to have detail of error

运行 和 -X 显示:

jarsigner: unable to sign jar: java.io.IOException: Error generating timestamp: the timestamp request was rejected. Unrecognized or unsupported algorithm identifier.

由于 this bug,我将 JDK 更新为 1.8(仅用于测试目的,因为我目前的产品仍需要 1.7):

java -version  
java version "1.8.0_172"  
Java(TM) SE Runtime    Environment (build 1.8.0_172-b11)

但我仍然遇到上述错误。

要获取时间戳,我们使用 URL http://sha1timestamp.ws.symantec.com/sha1/timestamp,请参阅下面的 maven 插件配置。

我的问题是:对于我的同事来说它有效,他们有相同的 Java 版本,相同的 maven 项目设置等。 因此,它必须是我本地环境中的问题。有什么想法吗?

<plugin>
    <groupId>org.codehaus.mojo</groupId>
    <artifactId>webstart-maven-plugin</artifactId>
    <version>1.0-beta-6</version>
    <executions>
        <execution>
            <phase>process-resources</phase>
            <goals>
                <goal>jnlp-download-servlet</goal>
            </goals>
        </execution>
    </executions>
    <configuration>
        <outputJarVersions>true</outputJarVersions>
        <outputDirectoryName>webstart</outputDirectoryName>
        <excludeTransitive>false</excludeTransitive>
        <templateDirectory>src/main/resources/jnlp</templateDirectory>
        <libPath>libs</libPath>
        <verbose>true</verbose>
        <unsignAlreadySignedJars>true</unsignAlreadySignedJars>
        <jnlpFiles>
            <jnlpFile>
                <templateFilename>abc.vm</templateFilename>
                <outputFilename>abc.jnlp</outputFilename>
                <jarResources>
                    ...
                </jarResources>
            </jnlpFile>
        </jnlpFiles>
        <sign>
            <keystore>${pathKeystore}</keystore>
            <storepass>${passstore}</storepass>
            <keypass>${passkey}</keypass>
            <alias>${alias}</alias>
            <tsaLocation>${tsaLocation}</tsaLocation>
            <arguments>
                <argument>-J-Djavax.net.ssl.trustStore=${project.build.directory}/../myTruststore.jks</argument>
                <argument>-J-Djavax.net.ssl.trustStorePassword=myPassword</argument>
                <argument>-J-Djavax.net.ssl.keyStore=${project.build.directory}/../myTruststore.jks</argument>
                <argument>-J-Djavax.net.ssl.keyStorePassword=myPassword</argument>
                <argument>-J-Dhttps.proxyHost=proxy.mycompany.com</argument>
                <argument>-J-Dhttps.proxyPort=3128</argument>
                <argument>-J-Dhttp.proxyHost=proxy.mycompany.com</argument>
                <argument>-J-Dhttp.proxyPort=3128</argument>
            </arguments>

        </sign>
        <unsign>true</unsign> <!-- unsign already signed packages and sign them with own key -->
    </configuration>
</plugin>

...         
<tsaLocation>http://sha1timestamp.ws.symantec.com/sha1/timestamp</tsaLocation>

当我移除时构建工作正常

<tsaLocation>${tsaLocation}</tsaLocation>

从签名配置 --> 没有从时间戳服务器获取时间戳,但 jar 已签名。