|Skip Navigation Links|
|Exit Print View|
|Developer's Guide to Oracle Solaris Security Oracle Solaris 11 Express 11/10|
Typically, the developer of the provider signs the provider. However, the system administrator might be called on to sign the developer's binary as part of your site security policy.
% elfsign sign -k private-keyfile -c Oracle-certificate -e provider-object
File that contains that private key that was used to generate the certificate request that was sent to Oracle.
Path to the certificate from Oracle that was issued from the certificate request.
Path to the provider, or binary, to be signed for use within the cryptographic framework.
The following example shows how to sign a provider.
% elfsign sign \ -k /securecrypt/private/MyCompany.private.key \ -c /etc/crypto/certs/MyCompany -e /path/to/provider.object
Note that using elfsign sign changes the object in the location that was specified. If an unsigned version of the object is needed, then the object should be copied to a different location before elfsign sign is applied.