Adding and Updating Software in Oracle® Solaris 11.2

Updated: July 2014
 
 

Properties for Signing Packages

If you are installing signed packages, set the image properties and publisher properties described in this section to verify package signatures.

Image Properties for Signed Packages

Configure the following image properties to use signed packages.

signature-policy

The value of this property determines the checks that will be performed on manifests when installing, updating, modifying, or verifying packages in the image. The final policy applied to a package depends on the combination of image policy and publisher policy. The combination will be at least as strict as the stricter of the two policies taken individually. By default, the package client does not check whether certificates have been revoked. To enable those checks, which might require the client to contact external web sites, set the check-certificate-revocation image property to true. The following values are allowed:

ignore

Ignore signatures for all manifests.

verify

Verify that all manifests with signatures are validly signed but do not require all installed packages to be signed.

This is the default value.

require-signatures

Require that all newly installed packages have at least one valid signature. The pkg fix and pkg verify commands also warn if an installed package does not have a valid signature.

require-names

Follow the same requirements as require-signatures but also require that the strings listed in the signature-required-names image property appear as a common name of the certificates used to verify the chains of trust of the signatures.

signature-required-names

The value of this property is a list of names that must be seen as common names of certificates while validating the signatures of a package.

Publisher Properties for Signed Packages

Configure the following publisher properties to use signed packages from a particular publisher.

signature-policy

The function of this property is identical to the function of the signature-policy image property except that this property applies only to packages from the specified publisher.

signature-required-names

The function of this property is identical to the function of the signature-required-names image property except that this property applies only to packages from the specified publisher.
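The combination rule described for signature-policy can be checked against a baseline with a short script. The following is an added example, not part of the Oracle documentation or the pkg client: the function names, the strictness ranking (read from the order in which the values are described), and the "publisher policy" input lines are assumptions constructed for illustration. The policy it prints is the floor that the combined policy must meet, namely the stricter of the image and publisher values.

```shell
#!/bin/sh
# Added example. Strictness ranks are an assumption read from the value
# descriptions: ignore < verify < require-signatures < require-names.
rank() {
    case "$1" in
        ignore)             echo 0 ;;
        verify)             echo 1 ;;
        require-signatures) echo 2 ;;
        require-names)      echo 3 ;;
        *) echo "unknown signature-policy: $1" >&2; return 1 ;;
    esac
}

# effective_policy IMAGE_POLICY PUBLISHER_POLICY
# Prints the stricter of the two values, the floor for the combined policy.
effective_policy() {
    i=$(rank "$1") || return 2
    p=$(rank "$2") || return 2
    if [ "$p" -gt "$i" ]; then echo "$2"; else echo "$1"; fi
}

# audit_publishers IMAGE_POLICY MINIMUM_POLICY
# Reads constructed "publisher policy" lines on stdin (not pkg output) and
# prints "publisher effective-policy OK|WEAK". Returns 1 if any is WEAK.
audit_publishers() {
    min=$(rank "$2") || return 2
    status=0
    while read -r pub pol; do
        [ -n "$pub" ] || continue
        eff=$(effective_policy "$1" "$pol") || return 2
        if [ "$(rank "$eff")" -ge "$min" ]; then
            verdict=OK
        else
            verdict=WEAK; status=1
        fi
        echo "$pub $eff $verdict"
    done
    return "$status"
}

# Constructed sample: image policy "verify", baseline "require-signatures".
sample_audit() {
    audit_publishers verify require-signatures <<'EOF'
solaris verify
example.com require-signatures
internal.example require-names
EOF
}

sample_audit || echo "at least one publisher is below the baseline"
```

In the sample, the solaris publisher is reported as WEAK because neither the image nor the publisher policy requires signatures, so unsigned packages from that publisher would still install.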

Configuring Package Signature Properties

Use the set-property, add-property-value, remove-property-value, and unset-property subcommands to configure package signature properties.

Use the --set-property, --add-property-value, --remove-property-value, and --unset-property options of the set-publisher subcommand to specify signature policy and required names for a particular publisher.

The following example configures this image to require all packages to be signed. This example also requires the string “oracle.com” to be seen as a common name for one of the certificates in the chain of trust.

$ pkg set-property signature-policy require-names oracle.com

The following example configures this image to require all signed packages to be verified.

$ pkg set-property signature-policy verify

The following example configures this image to require that all packages installed from the publisher example.com must be signed.

$ pkg set-publisher --set-property signature-policy=require-signatures example.com

The following example adds a required signature name. This example adds the string trustedname to the image's list of common names that must be seen in a signature's chain of trust to be considered valid.

$ pkg add-property-value signature-required-names trustedname

The following example removes a required signature name. This example removes the string trustedname from the image's list of common names that must be seen in a signature's chain of trust to be considered valid.

$ pkg remove-property-value signature-required-names trustedname

The following example adds a required signature name for a specified publisher. This example adds the string trustedname to the example.com publisher's list of common names that must be seen in a signature's chain of trust to be considered valid.

$ pkg set-publisher --add-property-value \
signature-required-names=trustedname example.com