Skip Navigation Links | |
Exit Print View | |
Oracle Solaris 10 1/13 Installation Guide: Network-Based Installations Oracle Solaris 10 1/13 Information Library |
Part I Planning to Install Over the Network
1. Where to Find Oracle Solaris Installation Planning Information
2. Preconfiguring System Configuration Information (Tasks)
3. Preconfiguring With a Naming Service or DHCP
Part II Installing Over a Local Area Network
4. Installing From the Network (Overview)
5. Installing From the Network With DVD Media (Tasks)
6. Installing From the Network With CD Media (Tasks)
7. Patching the Miniroot Image (Tasks)
8. Installing Over the Network (Examples)
9. Installing From the Network (Command Reference)
Part III Installing Over a Wide Area Network
11. Preparing to Install With WAN Boot (Planning)
12. Installing With WAN Boot (Tasks)
13. SPARC: Installing With WAN Boot (Tasks)
14. SPARC: Installing With WAN Boot (Examples)
Create the Document Root Directory
Check the Client OBP for WAN Boot Support
Install the wanboot Program on the WAN Boot Server
Create the /etc/netboot Hierarchy
Copy the wanboot-cgi Program to the WAN Boot Server
(Optional) Configure the WAN Boot Server as a Logging Server
Configure the WAN Boot Server to Use HTTPS
(Optional) Use Private Key and Certificate for Client Authentication
Create the Keys for the Server and the Client
Create and Validate the rules File
Create the System Configuration File
Check the net Device Alias in OBP
By requiring the server to authenticate itself to the client, you protect the data that is transmitted from the server to the client over HTTPS. To enable server authentication, you provide a trusted certificate to the client. The trusted certificate enables the client to verify the identity of the server during the installation.
To provide the trusted certificate to the client, assume the same user role as the web server user. Split the certificate to extract a trusted certificate. Then, insert the trusted certificate in the client's truststore file in the /etc/netboot hierarchy.
In this example, you assume the web server user role of nobody. Then, you split the server PKCS#12 certificate that is named cert.p12, and insert the trusted certificate in /etc/netboot directory for wanclient-1.
wanserver-1# su nobody Password: wanserver-1# wanbootutil p12split -i cert.p12 -t \ /etc/netboot/192.168.198.0/010003BA152A42/truststore