How to Verify a Signed Patch (signtool) (Signed Patches Administration Guide for PatchPro 2.2)

Signed Patches Administration Guide for PatchPro 2.2

How to Verify a Signed Patch (`signtool`)

Verify that the following prerequisites are met:
- You have downloaded the Netscape signtool program.
  
  For more information, see How to Download the Netscape signtool Command.
- You have imported the appropriate Sun certificates.
  
  For more information, see How to Import the Sun Certificates With Netscape 4.7 Tools.
- You are logged in as superuser.

Download a signed patch from the following location:

http://sunsolve.Sun.COM/pub-cgi/show.pl?target=patches/patch-access

Verify a signed patch, for example:

# signtool -v /patchdb/100103-12.jar
using certificate directory: /.netscape
archive "/patchdb/100103-12.jar" has passed crypto verification.

          status   path
    ------------   -------------------
        verified   100103-12/README
        verified   100103-12/4.1secure.sh
#

If the patch verification fails, you will see a message similar to this:

archive DID NOT PASS crypto verification