I'd like to configure p2 repository managers to connect to HTTPS repositories (Apache + client certificates).
There are several methods available to load repositories:
public IMetadataRepository loadRepository(URI location, IProgressMonitor monitor) throws ProvisionException, OperationCanceledException;
public IMetadataRepository loadRepository(URI location, int flags, IProgressMonitor monitor) throws ProvisionException, OperationCanceledException;
public IArtifactRepository loadRepository(URI location, IProgressMonitor monitor) throws ProvisionException;
public IArtifactRepository loadRepository(URI location, int flags, IProgressMonitor monitor) throws ProvisionException;
with location parameter I can provide URI to HTTPS server. How can I provide paths to key-stores/trust-stores that contain client and CA certificates? I don't like to use global key-stores for Java process.
Found a solution. p2 uses ECF as communication layer.
To activate SSL support:
org.eclipse.ecf.provider.filetransfer.httpclient.ssl and/or org.eclipse.ecf.provider.filetransfer.sslcreate SSLSocketFactory object with keystore(s) and register as OSGi service
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(keymanagers, trustmanagers, null);
SSLSocketFactory factory = sslContext.getSocketFactory();
bundleContext.registerService(SSLSocketFactory.class.getName(), factory, null);