Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Equinox » Runtime arguments to verify digitally signed bundles
Runtime arguments to verify digitally signed bundles [message #1718640] Mon, 28 December 2015 16:02 Go to next message
Simon Joseph Aquilina is currently offline Simon Joseph AquilinaFriend
Messages: 4
Registered: July 2014
Junior Member
Hello, I am following a book which provides example for Apache Felix however I am using Eclipse Equinox (as part of Apache Aries). The book has an example about signed bundles and how to apply security around this concept.

In the book Felix receives two runtime arguments;

java -Dorg.osgi.framework.security=osgi \
-Dfelix.keystore=file:certificates.ks \
-Dfelix.keystore.pass=foobar \
-Dfelix.keystore.type=jks \
-jar launcher.jar bundles


My question is; what is the equivalent of -Dfelix.keystore, -Dfelix.keystore.pass and -Dfelix.keystore.type for Eclipse Equinox?

I tried to find my answer here:
http://help.eclipse.org/juno/index.jsp?topic=%2Forg.eclipse.platform.doc.isv%2Freference%2Fmisc%2Fruntime-options.html

and here

http://help.eclipse.org/mars/index.jsp?topic=%2Forg.eclipse.platform.doc.user%2Freference%2Fref-securestorage-options.htm

These refer to the command line arguments: -eclipse.keyring and -eclipse.password (clearly marked as Equinox).

Are these the same thing or something different? Would I put my certificate password in a file and point eclipse.password to this?
Re: Runtime arguments to verify digitally signed bundles [message #1719030 is a reply to message #1718640] Mon, 04 January 2016 14:39 Go to previous message
Thomas Watson is currently offline Thomas WatsonFriend
Messages: 490
Registered: July 2009
Senior Member
For the keystore Equinox only supports the standard OSGi Option:

https://osgi.org/javadoc/r6/core/org/osgi/framework/Constants.html#FRAMEWORK_TRUST_REPOSITORIES

See the javadoc, but this option requires the keystore to NOT require passwords to read public keys.

If you need something more advanced you can register your own TrustEngine implementation:

http://help.eclipse.org/mars/index.jsp?topic=%2Forg.eclipse.platform.doc.isv%2Freference%2Fapi%2Forg%2Feclipse%2Fosgi%2Fservice%2Fsecurity%2FTrustEngine.html
Previous Topic:[p2] Querying Babel p2 repository for language packs
Next Topic:Serving resources from different bundles with HttpContextId defined
Goto Forum:
  


Current Time: Fri Nov 16 06:25:41 GMT 2018

Powered by FUDForum. Page generated in 0.04663 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top