Skip to main content


Eclipse Community Forums

      Home
Home » Eclipse Projects » Equinox » Runtime arguments to verify digitally signed bundles
Runtime arguments to verify digitally signed bundles [message #1718640] Mon, 28 December 2015 11:02 Go to next message
Eclipse UserFriend
Hello, I am following a book which provides example for Apache Felix however I am using Eclipse Equinox (as part of Apache Aries). The book has an example about signed bundles and how to apply security around this concept.

In the book Felix receives two runtime arguments; 

java -Dorg.osgi.framework.security=osgi \
-Dfelix.keystore=file:certificates.ks \
-Dfelix.keystore.pass=foobar \
-Dfelix.keystore.type=jks \
-jar launcher.jar bundles


My question is; what is the equivalent of -Dfelix.keystore, -Dfelix.keystore.pass and -Dfelix.keystore.type for Eclipse Equinox?

I tried to find my answer here:
http://help.eclipse.org/juno/index.jsp?topic=%2Forg.eclipse.platform.doc.isv%2Freference%2Fmisc%2Fruntime-options.html

and here

http://help.eclipse.org/mars/index.jsp?topic=%2Forg.eclipse.platform.doc.user%2Freference%2Fref-securestorage-options.htm

These refer to the command line arguments: -eclipse.keyring and -eclipse.password (clearly marked as Equinox).

Are these the same thing or something different? Would I put my certificate password in a file and point eclipse.password to this?
Re: Runtime arguments to verify digitally signed bundles [message #1719030 is a reply to message #1718640] Mon, 04 January 2016 09:39 Go to previous message
Eclipse UserFriend
For the keystore Equinox only supports the standard OSGi Option:

https://osgi.org/javadoc/r6/core/org/osgi/framework/Constants.html#FRAMEWORK_TRUST_REPOSITORIES

See the javadoc, but this option requires the keystore to NOT require passwords to read public keys.

If you need something more advanced you can register your own TrustEngine implementation:

http://help.eclipse.org/mars/index.jsp?topic=%2Forg.eclipse.platform.doc.isv%2Freference%2Fapi%2Forg%2Feclipse%2Fosgi%2Fservice%2Fsecurity%2FTrustEngine.html
Previous Topic:[p2] Querying Babel p2 repository for language packs
Next Topic:Serving resources from different bundles with HttpContextId defined
Goto Forum:
  


Current Time: Mon Apr 28 00:05:51 EDT 2025

Powered by FUDForum. Page generated in 0.03375 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly