在启动由模板签名的JNLP时，不断得到“JNLPSigningException[未能验证启动文件的签名]”

我们决定按照以下oracle指南对JNLP文件进行签名。由于我们有不同的JNLP，所以我们采用了第二种方法（用JNLP模板对JAR文件进行签名）。

下面是我们提取到模板中的代码：

<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="*" href="*">
  <information>
    <title>*</title>
    <vendor>My vendor</vendor>
    <description>My description</description>
    <icon href="splash.jpg" kind="splash" width="700" height="400" size="115258"/>
    <offline-allowed />
    <shortcut>
      <menu submenu="My submenu"/>
    </shortcut>
  </information>

  <security>
    <all-permissions/>
  </security>

  <resources locale="en es ja">
    <j2se version="1.6+" initial-heap-size="128m" max-heap-size="384m" href="http://java.sun.com/products/autodl/j2se"/>
    <jar href="myjar.jar" main="true" download="lazy" part="core" size="*"/>
    <jar href="lib/commons-lang-2.6.jar" download="lazy" part="commons" size="297085"/>
    ...
    <jar href="lib/trident-6.0.jar" download="lazy" part="core" size="114496"/>
    <property name="jnlp.myProperty" value="*"/>
    <property name="log4j.configuration" value="*"/>
  </resources>

  <application-desc main-class="com.mycom.myapp.MyClass">
  </application-desc>
</jnlp>

...这是我们实际使用的JNLP之一：

<?xml version="1.0" encoding="UTF-8"?>
<jnlp spec="1.0+" codebase="http://mylocation.mycom.com/jnlp/myapp/" href="myapp.jnlp">
  <information>
    <title>My App - Production version</title>
    <vendor>My vendor</vendor>
    <description>My description</description>
    <icon href="splash.jpg" kind="splash" width="700" height="400" size="115258"/>
    <offline-allowed />
    <shortcut>
      <menu submenu="My submenu"/>
    </shortcut>
  </information>

  <security>
    <all-permissions/>
  </security>

  <resources locale="en es ja">
    <j2se version="1.6+" initial-heap-size="128m" max-heap-size="384m" href="http://java.sun.com/products/autodl/j2se"/>
    <jar href="myjar.jar" main="true" download="lazy" part="core" size="4189501"/>
    <jar href="lib/commons-lang-2.6.jar" download="lazy" part="commons" size="297085"/>
    ...
    <jar href="lib/trident-6.0.jar" download="lazy" part="core" size="114496"/>
    <property name="jnlp.myProperty" value="http://mylocation.mycom.com/jnlp/myapp/MyApp.properties"/>
    <property name="log4j.configuration" value="http://mylocation.mycom.com/jnlp/myapp/log4j.xml"/>
  </resources>

  <application-desc main-class="com.mycom.myapp.MyClass">
  </application-desc>
</jnlp>

null

未能验证启动文件的签名。签名的版本与下载的版本不匹配。

有人知道我错过了什么吗？