1. Automatically Installing Oracle Solaris 11.4 Systems
  2. Securing Automated Installation
  3. Securing Automated Installations
  4. Securing AI on the AI Server
  5. Setting the HMAC Policy

Setting the HMAC Policy

Configuring the HMAC policy sets the server-wide policy for HMAC signatures. After you have set the policy, the HMAC type becomes the default signature for new custom clients or services. You do not need to specify the policy again unless you set an exception to the policy, or if you are performing upgrades.

Setting the policy does not affect existing SPARC clients and services until you specifically set their firmware keys. For information about upgrading security on SPARC clients, see SPARC: Upgrading Security Credentials.

This example sets the policy to use HMAC-SHA256 as the default signature for future clients and services:

$ installadm set-server --hmac-policy hmac-sha256
Changed Server.

Note:

You can also use the shorter form of the option: 
$ installadm set-server -F hmac-sha256