Karl, I'm trying your keytool commands.
The first one is to export the private key into a certificate, right? this
was successful, but I've a few questions on the second one:
1) what the /core.cert/ should be? Should it be what under Windows is the
/cacerts/ file, which comes with the JVM?
2) I tried with that file but I receive a "java.lang.Exception: The input is
not a X.509 certificate" even if when I verify a signed bundle with
/jarsigner -verify
D:Programmi_D\felix-framework-4.2.1\bundle\plugins\ReadWriteFileBundle_1.0.0.jar
-verbose -certs/
the output result is:
/s 430 Fri Jan 24 09:43:16 CET 2014 META-INF/MANIFEST.MF
X.509, CN=xxx, OU=xxx, O=xxx, L=xxxxx, ST=xx, C=xx
[certificate is valid from 16/01/14 9.49 to 11/01/15 9.49]
[CertPath not validated: null]
348 Fri Jan 24 09:43:16 CET 2014 META-INF/SELFSIGN.SF
1316 Fri Jan 24 09:43:16 CET 2014 META-INF/SELFSIGN.RSA
0 Fri Jan 24 09:43:18 CET 2014 META-INF/
0 Fri Jan 24 09:43:18 CET 2014 org/
0 Fri Jan 24 09:43:18 CET 2014 org/example/
0 Fri Jan 24 09:43:18 CET 2014 org/example/app/
sm 2919 Fri Jan 24 09:43:18 CET 2014 org/example/app/Activator.class
X.509, CN=xxx, OU=xxx, O=xxx, L=xxxxx, ST=xx, C=xx
[certificate is valid from 16/01/14 9.49 to 11/01/15 9.49]
[CertPath not validated: null]
s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
jar verified.
Warning:
This jar contains entries whose certificate chain is not validated./
My bundles seem to be certified with a a X.509 certificate (the ks.jks I use
for launching the framework as well: /java
-Dorg.osgi.framework.security=osgi -Djava.security.policy=all.policy
-Dfelix.keystore=file:ks.jks -Dfelix.keystore.pass=mypwd
-Dfelix.keystore.type=jks -jar bin/felix.jar/).
If this won't lead to a solution, I'll share you the signed and not-signed
bundles, the security bundle and the .jks file (what's the easiest way to
share it with you? Private mail?).
Thanks,
Andrea
--
View this message in context:
http://apache-felix.18485.x6.nabble.com/Problem-with-Felix-security-and-bundle-policies-tp5006903p5006965.html
Sent from the Apache Felix - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
