[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[equinox-dev] Signed bundles

After succeeding in getting Equinox to run with security on, I'm now experimenting with signed bundles. First I made a new keystore, using the standard java "keytool", like this:

keytool -genkey -alias myalias -keystore keystore

I created a bundle using Eclipse's PDE, and used the "Export" function to create a signed bundle, pointing to my freshly created keystore, specifying the alias and password.

Now my question is, how do I configure equinox to use my keystore? I want to use it in combination with PermissionAdmin and an AdminPermission that filters on the signer (using a condition like "(signer=\*, o=mycompany)"). All I can find is documentation on how to use the jarverifier (http://dev.eclipse.org/viewcvs/indextech.cgi/equinox-home/security/verifier.html ) which states I can use a "osgi.framework.keystore" property to point to my store. What I don't know is:
a) do I need this jarverifier at all? I am assuming that just starting equinox with security should be enough;
b) is that property also applicable if you're not using the jarverifier?
c) how do I specify alias and password for the store?


Any pointers to information about this would be nice too! :)

Greetings, Marcel