Migrating from Tomcat 6x to 7x

The official guide from Apache

Migrating from 6.0.x to 7.0.x

Apache Tomcat 7.0.x requires Java 6 or later. Apache Tomcat 6.0.x required Java 5.

Details in https://tomcat.apache.org/migration-7.html

JDK8u111/112 – MD5 is no longer considered secure

Oracle JRE will no longer trust MD5-signed code by default

Beginning with the April 2017 Critical Patch Update, JAR files signed using MD5 (RSA algorithm) will no longer be considered as signed by the Oracle JRE.

Oracle Java SE 8u131 which will be released with the April 2017 Critical Patch Update.


Affected applications: Java applets, or Java Web Start applications.

To check your app/jar file:

jarsigner -verify -J-Djava.security.debug=jar mySynopticApp.jar

To remove any existing MD5 signatures first before re-signing using the zip utility as follows:
zip -d mySynopticApp.jar 'META-INF/*.SF' 'META-INF/*.RSA' 'META-INF/*.DSA'