Anothe pkgng question: signing a repository
Kimmo Paasiala
kpaasial at gmail.com
Thu Dec 27 20:27:25 UTC 2012
On Thu, Dec 27, 2012 at 6:22 PM, Rainer Duffner <rainer at ultra-secure.de> wrote:
> Hi,
>
> I'm creating my own repository and have created a key for it.
>
> I've created a CSR for it and used that to generate a certificate via
> our internal CA. Because there was no other information available, I
> used the profile that we use to generate SSL-certificates for web
> servers.
>
> I copied the certificate to the server and adjusted pkg.conf, but when I
> want to query the repository, I get:
>
> root at server:/etc/ssl/cert # pkg install net-snmpd
> Updating repository catalogue
> repo.txz
> 100% 219KB 219.5KB/s 219.5KB/s 00:00 pkg: error reading public
> key(/etc/ssl/pkg.conf): error:0906D06C:PEM routines:PEM_read_bio:no
> start line pkg: Invalid signature, removing repository.
>
>
> What does pkg expect to be in this file?
>
>
> openssl x509 displays the data for the certificate correctly, so I
> really don't know what's missing.
>
> I ktraced pkg and it is indeed reading the file.
>
>
>
>
> Best Regards
> Rainer
See Glen Barber's page about "Maintaining your own pkgng repository".
https://glenbarber.us/2012/06/11/Maintaining-Your-Own-pkgng-Repository.html
HTH
-Kimmo
More information about the freebsd-stable
mailing list