Anothe pkgng question: signing a repository
Rainer Duffner
rainer at ultra-secure.de
Thu Dec 27 16:22:59 UTC 2012
Hi,
I'm creating my own repository and have created a key for it.
I've created a CSR for it and used that to generate a certificate via
our internal CA. Because there was no other information available, I
used the profile that we use to generate SSL-certificates for web
servers.
I copied the certificate to the server and adjusted pkg.conf, but when I
want to query the repository, I get:
root at server:/etc/ssl/cert # pkg install net-snmpd
Updating repository catalogue
repo.txz
100% 219KB 219.5KB/s 219.5KB/s 00:00 pkg: error reading public
key(/etc/ssl/pkg.conf): error:0906D06C:PEM routines:PEM_read_bio:no
start line pkg: Invalid signature, removing repository.
What does pkg expect to be in this file?
openssl x509 displays the data for the certificate correctly, so I
really don't know what's missing.
I ktraced pkg and it is indeed reading the file.
Best Regards
Rainer
More information about the freebsd-stable
mailing list