-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Sanaullah,
On 2/13/15 12:48 PM, Sanaullah wrote: > I have signed the ear package using jar signer and start the tomee > using ./startup.sh -security and also edit the catalina.policy > file looks like below. > > I am confused here, how code sign verification process is done? if > the code sign certificate is not the truststore still the tomcat > server will start? or it stops booting the application? > > I haven't seen anything in the log related to code sign, how can i > verify this ? I'm no expert in use of a security manager or signed code, but where is your trust store located? How are you telling the JVM about where to find it? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJU5f2SAAoJEBzwKT+lPKRY7QwP/A1ErRELoaHDConRnqtC9sQf Ga9zopcoFwvb+85ei/UxjmjE1IaoxkCB7QLX3tGI36lz+RYc8nBa1aS0IN9qpDEM 2qoMjKAwJqsG1EZOhVMq0liTlUnaKzb2UIh75daZlx6aaMjQu9oiLyRdwkEIkN73 71v4hlLYMhg1HbxDPbyswn32fyQYbYk9RAi0XnU/dHISZSkQVaRc2LuQoIXAVIba iSzPrHQfGBA4HdQexRM5E58T9uLR8Q2ducDD2ybubrwYfZILsywRfBtIg256PS69 HSSyXUQsliXaRWX6Z+wpR2XWcslAUd9jBy0OQYJBMqRR9vvJgHaC8sqMbCxZI6+9 i8j+l3HXjZ/nTeHDJg/0R5VG5fDe1q99/I/Wgj6834/3kV5SOY5hnr+LGsV8xwcK CGj5+PPu6VqRaxIIMSf0qSz207aLP6GhXvHtvJvJJSZ1JWTaYoNTkf/Wdit/xqSJ uIbLbKhYyzhyy1rEUowcKD52nSbhIr96fXnt72zgwWKwjKjxbTesoSf4CAQ2r0YJ OpFPluD7VOm+QvfQyqYvUptfaDfOMYpl0zmmsGhETl5a58HddTx8KmQmEF1I9zpW Ws28KkU8P7l29bqJJULNbyjohFjuUEzu+2X4hZ0XGpCJje+2NL6SZyuIEwInrIbw BTz4sWkhCjS0QdhrxIMM =Z3Qo -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
