|RE: [equinox-dev] verifying signed bundles|
No, I don`t. I developed a method who check the jar file, verifying the different entries in the Jar file by using Java classes instead of Equinox SignedContentFactory Service, basically because I did not know about this Equinox service when I coded the signature checking method.
thank you for your answer.
For verifying the signatures are you using the SignedContentFactory Service, registered by the Equinox bundle?
equinox-dev-bounces@xxxxxxxxxxx [mailto:equinox-dev-bounces@xxxxxxxxxxx] Im
Auftrag von David Conde
I tried something similar and finally I realised that I had to check the digital signature by programming. Equinox does not check the digital signature in the installation proccess.
David Conde Baena
I have a question regarding verifying the signed bundles at load time.
I start Equinox with:
I have a signed bundle, which was signed with a different keystore and can start it without any problems.
I also removed classes from the bundle after signing it and it started with no problem.
Is Equinox verifying bundle signatures out of the box or do I have to do something in code?
Thanx in advance for any help,