For some reason you only get the instructions on how to install a
certificate to get access to supported or extras updates on your
OpenSolaris system after you have downloaded the certificate. Not a
big issue as that is generally when you want the instructions.
However if you already have your certificates and now want to install
them on another system (that you have support for) you can’t get the
instructions without getting another certificate.
So here are the instructions cut’n'pasted from the support page,
as much for me as for you:
How to Install this OpenSolaris 2008.11 standard support
Certificate
Download the provided key and
certificate files, called
OpenSolaris_2008.11_standard_support.key.pem
andOpenSolaris_2008.11_standard_support.certificate.pem
using the buttons above. Don’t worry if you get logged out, or lose
the files. You can come back to this site later and re-download
them. We’ll assume that you downloaded these files into your Desktop
folder,~/Desktop/.
Use the following comands to make a directory inside of
/var/pkg to store the key and certificate, and copy the key
and certificate into this directory. The key files are kept by
reference, so if the files become inaccessible to the packaging
system, you will encounter errors. Here is how to do it:
$ pfexec mkdir -m 0755 -p /var/pkg/ssl
$ pfexec cp -i ~/Desktop/OpenSolaris_2008.11_standard_support.key.pem /var/pkg/ssl
$ pfexec cp -i ~/Desktop/OpenSolaris_2008.11_standard_support.certificate.pem /var/pkg/ssl
Add the publisher:
$ pfexec pkg set-authority \
-k /var/pkg/ssl/OpenSolaris_2008.11_standard_support.key.pem \
-c /var/pkg/ssl/OpenSolaris_2008.11_standard_support.certificate.pem \
-O https://pkg.sun.com/opensolaris/support/ opensolaris.org
To see the packages supplied by
this authority, try:
$ pkg list -a ‘pkg://opensolaris.org/*’
If you use the Package Manager graphical application, you will be
able to locate the newly discovered packages when you restart Package
Manager.
How to Install this OpenSolaris extras Certificate
Download the provided key and
certificate files, called OpenSolaris_extras.key.pem and
OpenSolaris_extras.certificate.pem using the buttons above.
Don’t worry if you get logged out, or lose the files. You can come
back to this site later and re-download them. We’ll assume that you
downloaded these files into your Desktop folder, ~/Desktop/.
Use the following comands to make a directory inside of
/var/pkg to store the key and certificate, and copy the key
and certificate into this directory. The key files are kept by
reference, so if the files become inaccessible to the packaging
system, you will encounter errors. Here is how to do it:
$ pfexec mkdir -m 0755 -p /var/pkg/ssl
$ pfexec cp -i ~/Desktop/OpenSolaris_extras.key.pem /var/pkg/ssl
$ pfexec cp -i ~/Desktop/OpenSolaris_extras.certificate.pem /var/pkg/ssl
Add the publisher:
$ pfexec pkg set-authority \
-k /var/pkg/ssl/OpenSolaris_extras.key.pem \
-c /var/pkg/ssl/OpenSolaris_extras.certificate.pem \
-O https://pkg.sun.com/opensolaris/extra/ extra
To see the packages supplied by this authority, try:
$ pkg list -a ‘pkg://extra/*’
If you use the Package Manager graphical application, you will be
able to locate the newly discovered packages when you restart
Package Manager.
May 1, 2009 at 08:45 |
And if you are sitting behind a proxy, doing the following is probably a good idea (assuming http_proxy is already set).
export https_proxy=http_proxy
http://defect.opensolaris.org/bz/show_bug.cgi?id=8432
May 1, 2009 at 08:50 |
Thanks. Of course you only need this if your proxy is not transparent. Thankfully mine is:
http://blogs.sun.com/chrisg/entry/http_proxy_in_a_zone
May 1, 2009 at 14:33 |
All much easier in 2009.06, of course, where you can just add your certificates in the package manager GUI.