Date: Thu, 27 Dec 2012 17:22:56 +0100 From: Rainer Duffner <rainer@ultra-secure.de> To: freebsd-stable@freebsd.org Subject: Anothe pkgng question: signing a repository Message-ID: <20121227172256.647c6728@suse3>
next in thread | raw e-mail | index | archive | help
Hi, I'm creating my own repository and have created a key for it. I've created a CSR for it and used that to generate a certificate via our internal CA. Because there was no other information available, I used the profile that we use to generate SSL-certificates for web servers. I copied the certificate to the server and adjusted pkg.conf, but when I want to query the repository, I get: root@server:/etc/ssl/cert # pkg install net-snmpd Updating repository catalogue repo.txz 100% 219KB 219.5KB/s 219.5KB/s 00:00 pkg: error reading public key(/etc/ssl/pkg.conf): error:0906D06C:PEM routines:PEM_read_bio:no start line pkg: Invalid signature, removing repository. What does pkg expect to be in this file? openssl x509 displays the data for the certificate correctly, so I really don't know what's missing. I ktraced pkg and it is indeed reading the file. Best Regards Rainer
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20121227172256.647c6728>