|
|
|
|
|
System property |
Default value |
Description |
|---|---|---|
mbs.certificates |
true |
If true, enables the availability of the Certificate Manager as well as of all features of the framework related to certificate management and to signed bundle JAR files. Default is true. |
mbs.certificates.keyManager |
false |
If set to 'true' , registers an X509KeyManager service upon registration of the CertificateManager. |
mbs.certificates.trustManager |
false |
If set to 'true' , registers an X509TrustManager service upon registration of the CertificateManager. |
mbs.certificates.impl |
default |
Specifies the Certificate Manager implementation. Can have two possible values:
|
mbs.certificate.root |
<user_home>/certs |
Indicates the directory holding the trusted certificates used by the X509 certificate storage. Valid only for that type of Certificate Manager storage. |
mbs.keystore.class |
com.prosyst.mbs. impl.framework.module. certmanager.certstorage. DefaultCertificateKeyStoreImpl |
Specifies the implementation class of the certificate storage used by the Certificate Manager. Possible values are:
|
mbs.certificates.boot.enableDigests |
false |
If true, enables verifying entry digests in installed signed bundles at framework startup. |
mbs.certificates.delayedCheckJarEntriesDigests |
false |
If true, enables verifying entry digests in installed signed bundles only when there is a need for a relevant entry. |
mbs.certificates.fileName |
certsStorage |
Specifies the file to store bundle signer information to so as to have optimized startup with regard to JAR signer analysis. |
mbs.certificates.strict |
false |
If true, the framework will run only signed bundles and will not allow update of signed to unsigned bundle. |
mbs.certificates.skipValidationCheck |
false |
If true, the framework will skip the validation for expired certificates. |