OpenSolaris 2008.11 Image Packaging System Guide
Previous Next

Document Information

1.  Image Packaging System (IPS) For New Users

2.  Using IPS CLI

3.  Advanced IPS Commands

4.  Using Keys and Certificates for Repositories

Repositories That Require Keys and Certificates (Overview)

Obtaining Keys and Certificates

Associating a Key and Certificate With a Repository

5.  IPS For Developers (Tasks)

6.  Mirroring Repositories

7.  Classification of Packages

8.  pkg(1) Command Reference

9.  Further Information

Glossary

Associating a Key and Certificate With a Repository

After you have obtained your key and certificate, you can choose a repository as the default authority for pkg commands.

How to Associate a Key and Certificate With a Repository

  1. (Optional) Switch to a new authority or add a new authority.

    • If you want to associate a key and certificate to the /release repository, skip to the next step. By default, the installed product has a preferred authority of opensolaris.org served by the repository at the URL: http://pkg.opensolaris.org/release.

    • If you want to have access to the /support and /extra repositories, you must switch to that authority.

    $ pfexec pkg set-authority -O path_to_authority authority
    -O path_to_authority

    Specifies the repository that you want to access.

    authority

    Specifies the preferred authority.

  2. Associate a key and certificate with a repository.
    $ pfexec pkg set-authority -k key_file_path -c cert_file_path authority
    -k key_file_path

    Specifies the path to the key file and the key file name.

    -c cert_file_path

    Specifies the path to the certificate and the certificate file name.

    authority

    Specifies the preferred repository.

Example 4-1 How to Associate a Key and Certificate With the /release Repository

In this example, the /release repository is associated with the opensolaris.org preferred authority.

$ pfexec pkg set-authority -k key_file -c cert_file opensolaris.org
Example 4-2 How to Associate a Key and Certificate With the /support Repository

In this example, the repository's default location is switched to the /support repository. Then, the key and certificate are associated with the opensolaris.org preferred authority.

$ pfexec pkg set-authority -O https://pkg.sun.com/opensolaris/support \ opensolaris.org 
$ pfexec pkg set-authority -k key_file -c cert_file opensolaris.org
Example 4-3 How to Associate a Key and Certificate With the /extra Repository

In this example, a new repository is added, extra.opensolaris.org. Then, the key and certificate are associated with the opensolaris.org preferred authority.

$ pfexec pkg set-authority -O https://pkg.sun.com/opensolaris/extra \ extra.opensolaris.org 
$ pfexec pkg set-authority -k key_file -c cert_file opensolaris.org
Next Steps
Previous Next