Verify the signed patches that you want to install against the authenticated Sun certificates.
Become superuser.
Determine the fingerprints of your Sun Root certificate and Sun Class B certificate.
For example, on a Solaris 8 system:
# /usr/java1.3/bin/keytool -printcert \ -file /etc/certs/SUNW/smirootcacert.b64 # /usr/java1.3/bin/keytool -printcert -file /etc/certs/SUNW/smicacert.b64 |
Verify that the output of these commands match the Sun Root and Class B certificate fingerprints displayed at this site:
https://www.sun.com/pki/ca |
Change to the /etc/certs/SUNW directory.
# cd /etc/certs/SUNW |
Import the Class B certificate.
For example, on a Solaris 8 system, type:
# /usr/java1.3/bin/keytool -import -alias smicacert \ -file smicacert.b64 -keystore /usr/java1.3/jre/lib/security/cacerts Enter keystore password: changeit Owner: O=Sun Microsystems Inc, CN=Sun Microsystems Inc CA (Class B) Issuer: CN=Sun Microsystems Inc Root CA, O=Sun Microsystems Inc, C=US Serial number: 1000006 Valid from: Mon Nov 13 12:23:10 MST 2000 until: Fri Nov 13 12:23:10 MST 2009 Certificate fingerprints: MD5: B4:1F:E1:0D:80:7D:B1:AB:15:5C:78:CB:C8:8F:CE:37 SHA1: 1E:38:11:02:F0:5D:A3:27:5C:F9:6E:B1:1F:C4:79:95:E9:6E:D6:DF Trust this certificate? [no]: yes Certificate was added to keystore |
Import the root certificate.
# /usr/java1.3/bin/keytool -import -alias smirootcacert \ -file smirootcacert.b64 -keystore /usr/java1.3/jre/lib/security/cacerts Enter keystore password: changeit Owner: CN=Sun Microsystems Inc Root CA, O=Sun Microsystems Inc, C=US Issuer: CN=GTE CyberTrust Root, O=GTE Corporation, C=US Serial number: 40002ae Valid from: Wed Oct 16 09:45:00 MDT 2002 until: Sat Oct 16 17:59:00 MDT 2004 Certificate fingerprints: MD5: 54:E3:D1:E4:79:B4:17:23:65:B4:F9:14:AD:C6:4A:FE SHA1: 90:F1:AB:87:AE:A0:4C:1F:AF:43:60:DE:5D:A8:0E:D8:CE:E7:06:AE Trust this certificate? [no]: yes Certificate was added to keystore |