sun.com   |  docs.sun.com
How To Buy  |  My Sun  |  Worldwide Sites
         
 
Sun Microsystems Logo
 Products and Services
 		 Support and Training
 
 
Signed Patches Administration Guide for PatchPro 2.2 >> A.   Managing Signed Patches Without Solaris Patch Management Tools (Tasks) >> Managing Signed Patches by Using Java Tools (Task Map) 

Previous Previous     Contents     Index     Next Next

ProcedureHow to Apply the Verified Signed Patch

  1. Become superuser.

  2. Unzip the patch bundle, for example:

    # unzip 100103-12.jar
Archive:  100103-12.jar
       inflating: 100103-12/README        
       inflating: 100103-12/4.1secure.sh  
       inflating: META-INF/manifest.mf    
       inflating: META-INF/zigbert.sf     
       inflating: META-INF/zigbert.rsa    
#

  3. Apply the verified uncompressed signed patch, for example:

    # patchadd /patchdb/100103-12

Managing Signed Patches by Using Netscape Tools (Task Map)

Perform these tasks in the order shown.

Task

Description

For Instructions

1. Download the Netscape signtool command.

Download the Netscape signtool command to verify signed patches.

How to Download the Netscape signtool Command

2. Import the Sun certificates.

Import and accept the Sun certificates into the Netscape 4.7 keystore.

Import and accept the Sun certificates into the Netscape 6 keystore.

How to Import the Sun Certificates With Netscape 4.7 Tools

How to Import the Sun Certificates With Netscape 6 Tools

3. Certify the Sun certificates.

Certify the Sun certificates by using Netscape 4.7 tools.

Certify the Sun certificates by using Netscape 6 tools.

How to Certify the Sun Certificates With Netscape 4.7 Tools

How to Certify the Sun Certificates With Netscape 6 Tools

4. Create or change the keystore password.

Create or change a password to keep the keystore secure.

How to Create or Change a Keystore Password With Netscape Tools

5. Verify a signed patch.

Download a patch from SunSolve Online, and verify it with the signtool command.

How to Verify a Signed Patch (signtool)

6. Apply the verified signed patch.

Use the patchadd command to apply the verified signed patch.

How to Apply a Verified Signed Patch

ProcedureHow to Download the Netscape signtool Command

  1. Go to the following site:

    http://developer.netscape.com/software/signedobj/jarpack.html#signtool1.3

  2. Download signtool 1.3 by clicking SignTool 1.3 for Solaris 2.6 (SunOS 5.6).

  3. As superuser, uncompress the signtool13SunOS56.tar.gz package.

    # gunzip signtool13SunOS56.tar.gz

  4. Untar the signtool13SunOS56.tar file.

    # tar xvf signtool13SunOS56.tar

ProcedureHow to Import the Sun Certificates With Netscape 4.7 Tools

The following procedure removes the existing GTE CyberTrust Root CA before importing the Sun certificates into your certificate store. You will add the GTE CyberTrust Root CA back when you import the chain of Sun certificates into your certificate store.

Use this procedure with Netscape Communicator 4.7.

  1. If necessary, start Netscape Communicator.

  2. Access the Security Info page in one of the following ways:

    • Click the Security button on your Netscape browser (the small lock in the lower left corner).

    • Click the Security button in the Navigator toolbar.

    • From the Communicator menu, choose Tools->Security Info.

  3. Select Signers under Certificates on the Security Info pop-up window.

  4. Select GTE CyberTrust Root CA, and click the Delete button.

  5. Click OK in the Delete pop-up window.

  6. Click OK in the Signers window.

  7. Import the Sun certificates into Netscape Communicator.

    1. Go the following site to import the Sun certificates:

      https://ra.sun.com:11005

    2. Select the Retrieval tab at the top of the page.

    3. Select Import CA Certificate Chain in the left panel, and if it is not already selected, click the radio button next to Import the CA Certificate Chain Into Your Browser.

    4. Click Submit.

    5. Click Next on the pop-up windows that lead you through the import process until you get to a panel that has three checkboxes for accepting the certificate for network sites, email users, and software developers.

    6. Check all three boxes, then click Next.

    7. Continue clicking Next until you get to a panel with a Name text field.

    8. Type GTE CyberTrust Root CA in the Name text field.

    9. Click Finish.

  8. Verify that the certificates have been successfully imported.

    1. Access the Netscape Security Info page in one of the following ways:

      • Click the Security button on your Netscape browser (the small lock in the lower left corner).

      • Click the Security button in the Navigator toolbar.

      • From the Communicator menu, choose Tools->Security Info.

    2. Select Signers under Certificates on the Security Info pop-up window.

    3. Scroll down until you see the GTE CyberTrust Root entry, and the SunPKI certificates: Sun Microsystems Inc CA (Class B) - Sun Microsystems Inc and Sun Microsystems Inc Root CA - GTE Corporation entries.

  9. You can verify that the Sun certificates are imported by viewing the Sun Microsystems certificates in the output of this command:

    # signtool -L

  10. Go to the next procedure to certify the Sun certificates that you just imported.

Previous Previous     Contents     Index     Next Next
 
Copyright 1994-2003 Sun Microsystems