java.lang.SecurityException: Invalid signature file digest for Manifest main attributes 文件签名不合法-CSDN博客

本文链接：https://blog.csdn.net/weixin_43253207/article/details/122997458

class name : com.xstore.order.middleware.api.order.read.model.omni.OmniConsigneeInfo load error!
java.lang.SecurityException: Invalid signature file digest for Manifest main attributes
at sun.security.util.SignatureFileVerifier.processImpl(SignatureFileVerifier.java:284) ~[?:1.8.0_60]
at sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:238) ~[?:1.8.0_60]
at java.util.jar.JarVerifier.processEntry(JarVerifier.java:316) ~[?:1.8.0_60]
at java.util.jar.JarVerifier.update(JarVerifier.java:228) ~[?:1.8.0_60]
at java.util.jar.JarFile.initializeVerifier(JarFile.java:383) ~[?:1.8.0_60]
at java.util.jar.JarFile.getInputStream(JarFile.java:450) ~[?:1.8.0_60]
at sun.misc.URLClassPath$JarLoader$2.getInputStream(URLClassPath.java:940) ~[?:1.8.0_60]
at sun.misc.Resource.cachedInputStream(Resource.java:77) ~[?:1.8.0_60]
at sun.misc.Resource.getByteBuffer(Resource.java:160) ~[?:1.8.0_60]
at java.net.URLClassLoader.defineClass(URLClassLoader.java:454) ~[?:1.8.0_60]
at java.net.URLClassLoader.access$100(URLClassLoader.java:73) ~[?:1.8.0_60]
at java.net.URLClassLoader$1.run(URLClassLoader.java:368) ~[?:1.8.0_60]
at java.net.URLClassLoader$1.run(URLClassLoader.java:362) ~[?:1.8.0_60]
at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_60]
at java.net.URLClassLoader.findClass(URLClassLoader.java:361) ~[?:1.8.0_60]
at java.lang.ClassLoader.loadClass(ClassLoader.java:424) ~[?:1.8.0_60]
at java.lang.ClassLoader.loadClass(ClassLoader.java:357) ~[?:1.8.0_60]
at com.jd.cjg.businessidentity.service.identitypack.analyzer.JdkJarScanner.fatJarClzFilter(JdkJarScanner.java:82) ~[business-identity-service-2.3.1-SNAPSHOT.jar:?]
at com.jd.cjg.businessidentity.service.identitypack.analyzer.JdkJarScanner.scanFatJar(JdkJarScanner.java:52) ~[business-identity-service-2.3.1-SNAPSHOT.jar:?]
at com.jd.cjg.businessidentity.service.identitypack.analyzer.v2.command.FatJarScanCmd.execute(FatJarScanCmd.java:39) ~[business-identity-service-2.3.1-SNAPSHOT.jar:?]

在使用热加载过程中，开发使用的fat打包，执行热加载时，有如上报错信息，

一、问题原因

打包之后的META-INF的目录下多出了一些*.SF,*.DSA,*.RSA文件所致，如下截图：

二、解决方案

需要重新打jar包，修改pom配置如下：

    <build>
        <plugins>
            <!-- 创建一个fat jar,包含所有必须的依赖 -->
            <!-- 根据自己的main函数替换<mainClass>...</mainClass>中的配置 -->
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-shade-plugin</artifactId>
                <version>2.4.3</version>
                <configuration>
                    <!-- 需要包含最全类文件-->
                    <minimizeJar>false</minimizeJar>
                    <filters>
                        <filter>
                            <artifact>*:*</artifact>
                            <excludes>
                                <exclude>META-INF/*.SF</exclude>
                                <exclude>META-INF/*.DSA</exclude>
                                <exclude>META-INF/*.RSA</exclude>
                            </excludes>
                        </filter>
                    </filters>
                </configuration>
                <executions>
                    <execution>
                        <phase>package</phase>
                        <goals>
                            <goal>shade</goal>
                        </goals>
                        <configuration>
                            <shadedArtifactAttached>true</shadedArtifactAttached>
                            <shadedClassifierName>biz</shadedClassifierName>
                        </configuration>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>

重新打包后，可以热加载了