JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Packaging and Delivering Software With the Image Packaging System in Oracle Solaris 11.1     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

1.  IPS Design Goals, Concepts, and Terminology

2.  Packaging Software With IPS

3.  Installing, Removing, and Updating Software Packages

4.  Specifying Package Dependencies

5.  Allowing Variations

6.  Modifying Package Manifests Programmatically

7.  Automating System Change as Part of Package Installation

8.  Advanced Topics For Package Updating

9.  Signing IPS Packages

Signing Package Manifests

Defining Signature Actions

Publishing Signed Package Manifests

Troubleshooting Signed Packages

Chain Certificate Not Found

Authorized Certificate Not Found

Untrusted Self-Signed Certificate

Signature Value Does Not Match Expected Value

Unknown Critical Extension

Unknown Extension Value

Unauthorized Use of Certificate

Unexpected Hash Value

Revoked Certificate

10.  Handling Non-Global Zones

11.  Modifying Published Packages

A.  Classifying Packages

B.  How IPS Is Used To Package the Oracle Solaris OS

Chapter 9

Signing IPS Packages

The ability to validate that the software installed on the user's machine is actually as originally specified by the publisher is an important feature of IPS. This ability to validate the installed system is key for both the user and the support engineering staff.

Signature policies can be set for the image or for specific publishers. Policies include ignoring signatures, verifying existing signatures, requiring signatures, and requiring specific common names in the chain of trust.

This chapter describes IPS package signing and how developers and quality assurance organizations can sign either new packages or existing, already signed packages.