If your system already has a populated Java keystore, you can now export the Sun Microsystems root CA certificate from the Java keystore with the keytool command. Then, use the pkgadm command to import this certificate into the package keystore.
After the Root CA certificate is imported into the package keystore, you can use the pkgadd and patchadd commands to add signed packages and patches to your system.
The Sun Microsystems root-level certificates are only required when adding Sun-signed patches and packages.
For step-by-step instructions on importing certificates into the package keystore, see How to Import a Trusted Certificate From the Java Keystore (pkgadm addcert).
For complete instructions on adding signed packages with the pkgadd command, see How to Add a Signed Package (pkgadd).