| RE: [equinox-dev] verifying signed bundles |
|
Hello again, No, I don`t. I developed a method who check the jar file,
verifying the different entries in the Jar file by using Java classes instead
of Equinox SignedContentFactory Service, basically because I did not know about
this Equinox service when I coded the signature checking method. Regards David De:
equinox-dev-bounces@xxxxxxxxxxx [mailto:equinox-dev-bounces@xxxxxxxxxxx] En
nombre de Hampel, Michael Hello David, thank you for your answer. For verifying the signatures are you using the SignedContentFactory
Service, registered by the Equinox bundle? thanx again, Michael Von:
equinox-dev-bounces@xxxxxxxxxxx [mailto:equinox-dev-bounces@xxxxxxxxxxx] Im
Auftrag von David Conde Hi Michael, I tried something similar and finally I realised that I had to
check the digital signature by programming. Equinox does not check the digital
signature in the installation proccess. Regards David -- David Conde Baena
De:
equinox-dev-bounces@xxxxxxxxxxx [mailto:equinox-dev-bounces@xxxxxxxxxxx] En
nombre de Hampel, Michael Hello, I
have a question regarding verifying the signed bundles at load time. I
start Equinox with: -Dosgi.framework.keystore=file:/D:/config/keystore
I
have a signed bundle, which was signed with a different keystore and can start
it without any problems. I
also removed classes from the bundle after signing it and it started with no
problem. Is
Equinox verifying bundle signatures out of the box or do I have to do something
in code? Thanx
in advance for any help, Michael |