[ https://issues.apache.org/jira/browse/GERONIMODEVTOOLS-521?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12652692#action_12652692 ]
Delos Dai commented on GERONIMODEVTOOLS-521: -------------------------------------------- I think you mean we should add signature for each plugin. For this bug, maven plugin "keytool-maven-plugin" will be used to generate certification and "jar:sign" goal in "maven-jar-plugin" will be needed to sign the jar packages. Attachment is a patch for this.Then, after building, generated GEP will be shown as signed in eclipse plugins list. The added properties in eclipse-plugin/trunk/pom.xml are: <keystoreAlias>devtools</keystoreAlias> <keystoreFile>keystore</keystoreFile> <keystoreDname>cn=http://geronimo.apache.org</keystoreDname> <keystoreKeypass>devtools</keystoreKeypass> <keystoreStorepass>geronimo</keystoreStorepass> <keystoreValDays>180</keystoreValDays> They're the parameters used to generate signature. I just give sample here, you can replace them. The parameters here are similar to the parameters of "keytool" and "jarsigner". Could anyone help to review it? Thanks! > Sign features so the eclipse update manager recognizes them as signed > --------------------------------------------------------------------- > > Key: GERONIMODEVTOOLS-521 > URL: > https://issues.apache.org/jira/browse/GERONIMODEVTOOLS-521 > Project: Geronimo-Devtools > Issue Type: Bug > Components: eclipse-plugin > Affects Versions: 2.0.0, 2.1.0, 2.1.1, 2.1.2, 2.1.3 > Reporter: Ted Kirby > Assignee: Tim McConnell > Fix For: 2.2.0 > > Attachments: 521.patch > > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.