The TrustEngine is largely used as an implementation detail behind the
org.eclipse.osgi.signedcontent package. OSGi services published with using
the org.eclipse.osgi.service.security.TrustEngine interface are used to
determine the authenticity of a certificate chain used to sign content
(jars,
p2 uses the TrustEngine to persist newly trusted certificates after
prompting the user. See org.eclipse.equinox.internal.p2.engine.phases.
CertificateChecker.
Thanks John,
I see that the code you mention does use a TrustEngine to attempt to
persist newly trusted certificates. But I wonder if there are any
implementations of the TrustEngine service that are not read-only. The
framework registers a built-in TrustEngine that is backed by the CA certs
equinox-dev,
IPZilla records show that one or more of the projects on which you are
developer are in need of attention. The following CQs have been in the
'awaiting_project' status for over 3 weeks and need your team to take
action.
rt.equinox:
6484 Apache Felix Resolver -- checkintocvs,
