The pkgsign tool does not perform all possible checks for its inputs when signing packages. Therefore, it is important to check signed packages to ensure that they can be properly installed after being signed.
This section shows errors that can occur when attempting to install or update a signed package and provides explanations of the errors and solutions to the problems.
A signed package can fail to install or update for reasons that are unique to signed packages. For example, if the signature of a package fails to verify, or if the chain of trust cannot be verified or anchored to a trusted certificate, the package fails to install.
When installing signed packages, the following image and publisher properties influence the checks that are performed on packages:
Image properties
signature-policy
signature-required-names
trust-anchor-directory
Publisher properties
signature-policy
signature-required-names
See the pkg(1) man page for further information about these properties and their values.