Re: apparently not passing keystore password along

2018-03-20 Thread Phil Edwards
Thank you muchly! Am in total agreement with comment #4 wrt Oracle's bug reporting tools. On Tue, Mar 20, 2018 at 7:27 AM, Stefan Bodewig wrote: > On 2018-03-19, Phil Edwards wrote: > >> On Sat, Mar 17, 2018 at 4:36 AM, Jaikiran Pai >> wrot\ > e: > >>> Would you like to file a bug here >>> h

Re: apparently not passing keystore password along

2018-03-20 Thread Stefan Bodewig
On 2018-03-19, Phil Edwards wrote: > On Sat, Mar 17, 2018 at 4:36 AM, Jaikiran Pai wrot\ e: >> Would you like to file a bug here >> https://bz.apache.org/bugzilla/describecomponents.cgi?product=Ant > I will try, although my toleration for bugzilla in general has about reached > an all-time low.

Re: apparently not passing keystore password along

2018-03-19 Thread Phil Edwards
On Sat, Mar 17, 2018 at 4:36 AM, Jaikiran Pai wrote: > "The -storepass, -keypass, -sigfile, -sigalg, -digestalg, -signedjar, and > TSA-related options are only relevant when signing a JAR file; they are not > relevant when verifying a signed JAR file. The -keystore option is relevant > for signing

Re: apparently not passing keystore password along

2018-03-17 Thread Jaikiran Pai
Looking at the jarsigner tool and the verifyjar Ant task and based on what you note, to me, this looks like the bug really is in the "alias" not being passed by the verifyjar task. The storepass not being used isn't a bug IMO, since the jarsigner documentation[1] states: "The -storepass, -ke

apparently not passing keystore password along

2018-03-16 Thread Phil Edwards
We're using 1.10.1 to build and sign an executable JAR file. All of that has been working fine for a while now. Out of paranoia, we've been asked to run the task to our post-build "quick check that this isn't gratuitously broken" target. (Other targets do more extensive testing including, you k