Solaris won't update because ddt-incorporation is using a self-signed certifcate

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
3
down vote

favorite












I'm trying to update my Solaris 11.3 x86 system. The system hasSun/Oracle software on it, including Sun Developer Studio and Sun SSH server. It does not have other software on it, and I don't have anything in /usr/local.



I'm catching this error:



$ sudo pkg update
Creating Plan (Package planning: 1/10): -
pkg update: Chain was rooted in an untrusted self-signed certificate.
The package involved is pkg://solaris/consolidation/ddt/ddt-incorporation@18.3.18.7.13,0.5.11-11.4.0.0.1.11.0:20180718T212443Z


According to Packaging and Delivering Software With the Image Packaging System | Untrusted Self-Signed Certificate, the docs say it is because of using a self-signed OpenSSL certificate. Another similar page is Troubleshooting Signed Packages, but it rehashes the earlier page and adds nothing new. The Oracle docs on updating a package is at Updating a Package but it does not appear to provide the information I need.



The Sun article lacks step-by-step instructions to clear the issue. I'm trying to get Solaris to trust the Sun certificate but I can't get beyond usage errors:



$ sudo pkg set-publisher --approve-ca-cert solaris/consolidation/ddt/ddt-incorporation
pkg set-publisher: requires a publisher name
Usage:
pkg set-publisher [-Ped] [-k ssl_key] [-c ssl_cert]
[-g origin_to_add|--add-origin=origin_to_add ...]
[-G origin_to_remove|--remove-origin=origin_to_remove ...]
....


And:



$ sudo pkg set-publisher --approve-ca-cert solaris/consolidation/ddt/ddt-incorporation sun
pkg set-publisher: Could not find /export/home/jwalton/solaris/consolidation/ddt/ddt-incorporation


I've tried other combinations, like prepending pkg:// and using the full name but the problems persist.



How do I get beyond this error?










share|improve this question























  • Have you tried using the full path to solaris/consolidation/ddt/ddt-incorporation?
    – Andrew Henle
    Aug 29 at 10:18










  • FWIW, I get the same error here when trying to update a Solaris virtualbox VM with nothing fancy on it. Suggesting Oracle have messed up something somewhere.
    – Stéphane Chazelas
    Aug 29 at 10:29







  • 1




    It's probably a matter of going through the steps described at docs.oracle.com/cd/E37838_01/html/E60977/gmpdi.html
    – Stéphane Chazelas
    Aug 29 at 10:59














up vote
3
down vote

favorite












I'm trying to update my Solaris 11.3 x86 system. The system hasSun/Oracle software on it, including Sun Developer Studio and Sun SSH server. It does not have other software on it, and I don't have anything in /usr/local.



I'm catching this error:



$ sudo pkg update
Creating Plan (Package planning: 1/10): -
pkg update: Chain was rooted in an untrusted self-signed certificate.
The package involved is pkg://solaris/consolidation/ddt/ddt-incorporation@18.3.18.7.13,0.5.11-11.4.0.0.1.11.0:20180718T212443Z


According to Packaging and Delivering Software With the Image Packaging System | Untrusted Self-Signed Certificate, the docs say it is because of using a self-signed OpenSSL certificate. Another similar page is Troubleshooting Signed Packages, but it rehashes the earlier page and adds nothing new. The Oracle docs on updating a package is at Updating a Package but it does not appear to provide the information I need.



The Sun article lacks step-by-step instructions to clear the issue. I'm trying to get Solaris to trust the Sun certificate but I can't get beyond usage errors:



$ sudo pkg set-publisher --approve-ca-cert solaris/consolidation/ddt/ddt-incorporation
pkg set-publisher: requires a publisher name
Usage:
pkg set-publisher [-Ped] [-k ssl_key] [-c ssl_cert]
[-g origin_to_add|--add-origin=origin_to_add ...]
[-G origin_to_remove|--remove-origin=origin_to_remove ...]
....


And:



$ sudo pkg set-publisher --approve-ca-cert solaris/consolidation/ddt/ddt-incorporation sun
pkg set-publisher: Could not find /export/home/jwalton/solaris/consolidation/ddt/ddt-incorporation


I've tried other combinations, like prepending pkg:// and using the full name but the problems persist.



How do I get beyond this error?










share|improve this question























  • Have you tried using the full path to solaris/consolidation/ddt/ddt-incorporation?
    – Andrew Henle
    Aug 29 at 10:18










  • FWIW, I get the same error here when trying to update a Solaris virtualbox VM with nothing fancy on it. Suggesting Oracle have messed up something somewhere.
    – Stéphane Chazelas
    Aug 29 at 10:29







  • 1




    It's probably a matter of going through the steps described at docs.oracle.com/cd/E37838_01/html/E60977/gmpdi.html
    – Stéphane Chazelas
    Aug 29 at 10:59












up vote
3
down vote

favorite









up vote
3
down vote

favorite











I'm trying to update my Solaris 11.3 x86 system. The system hasSun/Oracle software on it, including Sun Developer Studio and Sun SSH server. It does not have other software on it, and I don't have anything in /usr/local.



I'm catching this error:



$ sudo pkg update
Creating Plan (Package planning: 1/10): -
pkg update: Chain was rooted in an untrusted self-signed certificate.
The package involved is pkg://solaris/consolidation/ddt/ddt-incorporation@18.3.18.7.13,0.5.11-11.4.0.0.1.11.0:20180718T212443Z


According to Packaging and Delivering Software With the Image Packaging System | Untrusted Self-Signed Certificate, the docs say it is because of using a self-signed OpenSSL certificate. Another similar page is Troubleshooting Signed Packages, but it rehashes the earlier page and adds nothing new. The Oracle docs on updating a package is at Updating a Package but it does not appear to provide the information I need.



The Sun article lacks step-by-step instructions to clear the issue. I'm trying to get Solaris to trust the Sun certificate but I can't get beyond usage errors:



$ sudo pkg set-publisher --approve-ca-cert solaris/consolidation/ddt/ddt-incorporation
pkg set-publisher: requires a publisher name
Usage:
pkg set-publisher [-Ped] [-k ssl_key] [-c ssl_cert]
[-g origin_to_add|--add-origin=origin_to_add ...]
[-G origin_to_remove|--remove-origin=origin_to_remove ...]
....


And:



$ sudo pkg set-publisher --approve-ca-cert solaris/consolidation/ddt/ddt-incorporation sun
pkg set-publisher: Could not find /export/home/jwalton/solaris/consolidation/ddt/ddt-incorporation


I've tried other combinations, like prepending pkg:// and using the full name but the problems persist.



How do I get beyond this error?










share|improve this question















I'm trying to update my Solaris 11.3 x86 system. The system hasSun/Oracle software on it, including Sun Developer Studio and Sun SSH server. It does not have other software on it, and I don't have anything in /usr/local.



I'm catching this error:



$ sudo pkg update
Creating Plan (Package planning: 1/10): -
pkg update: Chain was rooted in an untrusted self-signed certificate.
The package involved is pkg://solaris/consolidation/ddt/ddt-incorporation@18.3.18.7.13,0.5.11-11.4.0.0.1.11.0:20180718T212443Z


According to Packaging and Delivering Software With the Image Packaging System | Untrusted Self-Signed Certificate, the docs say it is because of using a self-signed OpenSSL certificate. Another similar page is Troubleshooting Signed Packages, but it rehashes the earlier page and adds nothing new. The Oracle docs on updating a package is at Updating a Package but it does not appear to provide the information I need.



The Sun article lacks step-by-step instructions to clear the issue. I'm trying to get Solaris to trust the Sun certificate but I can't get beyond usage errors:



$ sudo pkg set-publisher --approve-ca-cert solaris/consolidation/ddt/ddt-incorporation
pkg set-publisher: requires a publisher name
Usage:
pkg set-publisher [-Ped] [-k ssl_key] [-c ssl_cert]
[-g origin_to_add|--add-origin=origin_to_add ...]
[-G origin_to_remove|--remove-origin=origin_to_remove ...]
....


And:



$ sudo pkg set-publisher --approve-ca-cert solaris/consolidation/ddt/ddt-incorporation sun
pkg set-publisher: Could not find /export/home/jwalton/solaris/consolidation/ddt/ddt-incorporation


I've tried other combinations, like prepending pkg:// and using the full name but the problems persist.



How do I get beyond this error?







solaris software-updates pkg






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Aug 29 at 3:57

























asked Aug 29 at 3:27









jww

1,45732155




1,45732155











  • Have you tried using the full path to solaris/consolidation/ddt/ddt-incorporation?
    – Andrew Henle
    Aug 29 at 10:18










  • FWIW, I get the same error here when trying to update a Solaris virtualbox VM with nothing fancy on it. Suggesting Oracle have messed up something somewhere.
    – Stéphane Chazelas
    Aug 29 at 10:29







  • 1




    It's probably a matter of going through the steps described at docs.oracle.com/cd/E37838_01/html/E60977/gmpdi.html
    – Stéphane Chazelas
    Aug 29 at 10:59
















  • Have you tried using the full path to solaris/consolidation/ddt/ddt-incorporation?
    – Andrew Henle
    Aug 29 at 10:18










  • FWIW, I get the same error here when trying to update a Solaris virtualbox VM with nothing fancy on it. Suggesting Oracle have messed up something somewhere.
    – Stéphane Chazelas
    Aug 29 at 10:29







  • 1




    It's probably a matter of going through the steps described at docs.oracle.com/cd/E37838_01/html/E60977/gmpdi.html
    – Stéphane Chazelas
    Aug 29 at 10:59















Have you tried using the full path to solaris/consolidation/ddt/ddt-incorporation?
– Andrew Henle
Aug 29 at 10:18




Have you tried using the full path to solaris/consolidation/ddt/ddt-incorporation?
– Andrew Henle
Aug 29 at 10:18












FWIW, I get the same error here when trying to update a Solaris virtualbox VM with nothing fancy on it. Suggesting Oracle have messed up something somewhere.
– Stéphane Chazelas
Aug 29 at 10:29





FWIW, I get the same error here when trying to update a Solaris virtualbox VM with nothing fancy on it. Suggesting Oracle have messed up something somewhere.
– Stéphane Chazelas
Aug 29 at 10:29





1




1




It's probably a matter of going through the steps described at docs.oracle.com/cd/E37838_01/html/E60977/gmpdi.html
– Stéphane Chazelas
Aug 29 at 10:59




It's probably a matter of going through the steps described at docs.oracle.com/cd/E37838_01/html/E60977/gmpdi.html
– Stéphane Chazelas
Aug 29 at 10:59










3 Answers
3






active

oldest

votes

















up vote
2
down vote













It's not self-signed, but it's not signed by a certificate authority that the Solaris 11.3 GA version knows about. Support for the new certificate authority is one of the reasons you need to first update to Solaris 11.3 SRU 23 or later before you can upgrade to Solaris 11.4, as documented in the upgrade instructions.






share|improve this answer




















  • So does this effectively mean that people without a support contract (i.e. no access to the SRU releases) can't upgrade from Solaris 11.3 to 11.4, and instead must do a clean install?
    – Tanz87
    Sep 7 at 9:03










  • @Tanz87 unfortunately, that is correct.
    – alanc
    Sep 9 at 21:35

















up vote
2
down vote













I think I know exactly what you're trying to do, but you'll also fail at the next step which is where I'm up to.



pkg(1) stashes a copy of the certificate chain in /var/pkg/publisher/(publisher name)/certs, so you'll have the signing and root certificate in /var/pkg/publisher/solaris/certs. Copy the root certificate to the CA certificate directory in /etc/certs/CA/ and then pkg(1) will trust the certificate chain.



In my case, it's as easy as



cp /var/pkg/publisher/solaris/certs/370b6b4fba7b0ad472465ffe9377f8f6040b2cfd /etc/certs/CA/temp-solaris-object-signing.pem
svcadm restart system/ca-certificates


The next hurdle you'll find is that pkg://solaris/system/core-os@11.4,5.11-11.4.0.0.1.15.0 has an origin root-image dependency on pkg:/system/core-os@0.5.11-0.175.3.23.0.4.0 (see https://docs.oracle.com/cd/E53394_01/html/E54820/dependtypes.html#PKDEVglumq for details about pkg dependencies). There is probably a very good reason that is there...



(and yes, it seems Oracle has blocked any kind of upgrade to Solaris 11.4 without having a support contract to be able to download 11.3SRU23)






share|improve this answer



























    up vote
    -1
    down vote













    pkg uninstall consolidation/ddt/ddt-incorporation support/explorer





    share|improve this answer






















    • In my case, after removing those two packages (support/explorer depending on ddt-incorporation), I still get the error for other packages (pkg://solaris/library/python/pyatspi-27@2.30.0,5.11-11.4.0.0.1.9.0:20180618T175853Z), suggesting that it's not only about those packages but that we need somehow to let Solaris know about the new oracle root certificate (pkg refresh --full doesn't help).
      – Stéphane Chazelas
      Aug 29 at 10:46










    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f465416%2fsolaris-wont-update-because-ddt-incorporation-is-using-a-self-signed-certifcate%23new-answer', 'question_page');

    );

    Post as a guest






























    3 Answers
    3






    active

    oldest

    votes








    3 Answers
    3






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    2
    down vote













    It's not self-signed, but it's not signed by a certificate authority that the Solaris 11.3 GA version knows about. Support for the new certificate authority is one of the reasons you need to first update to Solaris 11.3 SRU 23 or later before you can upgrade to Solaris 11.4, as documented in the upgrade instructions.






    share|improve this answer




















    • So does this effectively mean that people without a support contract (i.e. no access to the SRU releases) can't upgrade from Solaris 11.3 to 11.4, and instead must do a clean install?
      – Tanz87
      Sep 7 at 9:03










    • @Tanz87 unfortunately, that is correct.
      – alanc
      Sep 9 at 21:35














    up vote
    2
    down vote













    It's not self-signed, but it's not signed by a certificate authority that the Solaris 11.3 GA version knows about. Support for the new certificate authority is one of the reasons you need to first update to Solaris 11.3 SRU 23 or later before you can upgrade to Solaris 11.4, as documented in the upgrade instructions.






    share|improve this answer




















    • So does this effectively mean that people without a support contract (i.e. no access to the SRU releases) can't upgrade from Solaris 11.3 to 11.4, and instead must do a clean install?
      – Tanz87
      Sep 7 at 9:03










    • @Tanz87 unfortunately, that is correct.
      – alanc
      Sep 9 at 21:35












    up vote
    2
    down vote










    up vote
    2
    down vote









    It's not self-signed, but it's not signed by a certificate authority that the Solaris 11.3 GA version knows about. Support for the new certificate authority is one of the reasons you need to first update to Solaris 11.3 SRU 23 or later before you can upgrade to Solaris 11.4, as documented in the upgrade instructions.






    share|improve this answer












    It's not self-signed, but it's not signed by a certificate authority that the Solaris 11.3 GA version knows about. Support for the new certificate authority is one of the reasons you need to first update to Solaris 11.3 SRU 23 or later before you can upgrade to Solaris 11.4, as documented in the upgrade instructions.







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Aug 29 at 21:51









    alanc

    2,5381122




    2,5381122











    • So does this effectively mean that people without a support contract (i.e. no access to the SRU releases) can't upgrade from Solaris 11.3 to 11.4, and instead must do a clean install?
      – Tanz87
      Sep 7 at 9:03










    • @Tanz87 unfortunately, that is correct.
      – alanc
      Sep 9 at 21:35
















    • So does this effectively mean that people without a support contract (i.e. no access to the SRU releases) can't upgrade from Solaris 11.3 to 11.4, and instead must do a clean install?
      – Tanz87
      Sep 7 at 9:03










    • @Tanz87 unfortunately, that is correct.
      – alanc
      Sep 9 at 21:35















    So does this effectively mean that people without a support contract (i.e. no access to the SRU releases) can't upgrade from Solaris 11.3 to 11.4, and instead must do a clean install?
    – Tanz87
    Sep 7 at 9:03




    So does this effectively mean that people without a support contract (i.e. no access to the SRU releases) can't upgrade from Solaris 11.3 to 11.4, and instead must do a clean install?
    – Tanz87
    Sep 7 at 9:03












    @Tanz87 unfortunately, that is correct.
    – alanc
    Sep 9 at 21:35




    @Tanz87 unfortunately, that is correct.
    – alanc
    Sep 9 at 21:35












    up vote
    2
    down vote













    I think I know exactly what you're trying to do, but you'll also fail at the next step which is where I'm up to.



    pkg(1) stashes a copy of the certificate chain in /var/pkg/publisher/(publisher name)/certs, so you'll have the signing and root certificate in /var/pkg/publisher/solaris/certs. Copy the root certificate to the CA certificate directory in /etc/certs/CA/ and then pkg(1) will trust the certificate chain.



    In my case, it's as easy as



    cp /var/pkg/publisher/solaris/certs/370b6b4fba7b0ad472465ffe9377f8f6040b2cfd /etc/certs/CA/temp-solaris-object-signing.pem
    svcadm restart system/ca-certificates


    The next hurdle you'll find is that pkg://solaris/system/core-os@11.4,5.11-11.4.0.0.1.15.0 has an origin root-image dependency on pkg:/system/core-os@0.5.11-0.175.3.23.0.4.0 (see https://docs.oracle.com/cd/E53394_01/html/E54820/dependtypes.html#PKDEVglumq for details about pkg dependencies). There is probably a very good reason that is there...



    (and yes, it seems Oracle has blocked any kind of upgrade to Solaris 11.4 without having a support contract to be able to download 11.3SRU23)






    share|improve this answer
























      up vote
      2
      down vote













      I think I know exactly what you're trying to do, but you'll also fail at the next step which is where I'm up to.



      pkg(1) stashes a copy of the certificate chain in /var/pkg/publisher/(publisher name)/certs, so you'll have the signing and root certificate in /var/pkg/publisher/solaris/certs. Copy the root certificate to the CA certificate directory in /etc/certs/CA/ and then pkg(1) will trust the certificate chain.



      In my case, it's as easy as



      cp /var/pkg/publisher/solaris/certs/370b6b4fba7b0ad472465ffe9377f8f6040b2cfd /etc/certs/CA/temp-solaris-object-signing.pem
      svcadm restart system/ca-certificates


      The next hurdle you'll find is that pkg://solaris/system/core-os@11.4,5.11-11.4.0.0.1.15.0 has an origin root-image dependency on pkg:/system/core-os@0.5.11-0.175.3.23.0.4.0 (see https://docs.oracle.com/cd/E53394_01/html/E54820/dependtypes.html#PKDEVglumq for details about pkg dependencies). There is probably a very good reason that is there...



      (and yes, it seems Oracle has blocked any kind of upgrade to Solaris 11.4 without having a support contract to be able to download 11.3SRU23)






      share|improve this answer






















        up vote
        2
        down vote










        up vote
        2
        down vote









        I think I know exactly what you're trying to do, but you'll also fail at the next step which is where I'm up to.



        pkg(1) stashes a copy of the certificate chain in /var/pkg/publisher/(publisher name)/certs, so you'll have the signing and root certificate in /var/pkg/publisher/solaris/certs. Copy the root certificate to the CA certificate directory in /etc/certs/CA/ and then pkg(1) will trust the certificate chain.



        In my case, it's as easy as



        cp /var/pkg/publisher/solaris/certs/370b6b4fba7b0ad472465ffe9377f8f6040b2cfd /etc/certs/CA/temp-solaris-object-signing.pem
        svcadm restart system/ca-certificates


        The next hurdle you'll find is that pkg://solaris/system/core-os@11.4,5.11-11.4.0.0.1.15.0 has an origin root-image dependency on pkg:/system/core-os@0.5.11-0.175.3.23.0.4.0 (see https://docs.oracle.com/cd/E53394_01/html/E54820/dependtypes.html#PKDEVglumq for details about pkg dependencies). There is probably a very good reason that is there...



        (and yes, it seems Oracle has blocked any kind of upgrade to Solaris 11.4 without having a support contract to be able to download 11.3SRU23)






        share|improve this answer












        I think I know exactly what you're trying to do, but you'll also fail at the next step which is where I'm up to.



        pkg(1) stashes a copy of the certificate chain in /var/pkg/publisher/(publisher name)/certs, so you'll have the signing and root certificate in /var/pkg/publisher/solaris/certs. Copy the root certificate to the CA certificate directory in /etc/certs/CA/ and then pkg(1) will trust the certificate chain.



        In my case, it's as easy as



        cp /var/pkg/publisher/solaris/certs/370b6b4fba7b0ad472465ffe9377f8f6040b2cfd /etc/certs/CA/temp-solaris-object-signing.pem
        svcadm restart system/ca-certificates


        The next hurdle you'll find is that pkg://solaris/system/core-os@11.4,5.11-11.4.0.0.1.15.0 has an origin root-image dependency on pkg:/system/core-os@0.5.11-0.175.3.23.0.4.0 (see https://docs.oracle.com/cd/E53394_01/html/E54820/dependtypes.html#PKDEVglumq for details about pkg dependencies). There is probably a very good reason that is there...



        (and yes, it seems Oracle has blocked any kind of upgrade to Solaris 11.4 without having a support contract to be able to download 11.3SRU23)







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Sep 12 at 7:16









        jpm

        211




        211




















            up vote
            -1
            down vote













            pkg uninstall consolidation/ddt/ddt-incorporation support/explorer





            share|improve this answer






















            • In my case, after removing those two packages (support/explorer depending on ddt-incorporation), I still get the error for other packages (pkg://solaris/library/python/pyatspi-27@2.30.0,5.11-11.4.0.0.1.9.0:20180618T175853Z), suggesting that it's not only about those packages but that we need somehow to let Solaris know about the new oracle root certificate (pkg refresh --full doesn't help).
              – Stéphane Chazelas
              Aug 29 at 10:46














            up vote
            -1
            down vote













            pkg uninstall consolidation/ddt/ddt-incorporation support/explorer





            share|improve this answer






















            • In my case, after removing those two packages (support/explorer depending on ddt-incorporation), I still get the error for other packages (pkg://solaris/library/python/pyatspi-27@2.30.0,5.11-11.4.0.0.1.9.0:20180618T175853Z), suggesting that it's not only about those packages but that we need somehow to let Solaris know about the new oracle root certificate (pkg refresh --full doesn't help).
              – Stéphane Chazelas
              Aug 29 at 10:46












            up vote
            -1
            down vote










            up vote
            -1
            down vote









            pkg uninstall consolidation/ddt/ddt-incorporation support/explorer





            share|improve this answer














            pkg uninstall consolidation/ddt/ddt-incorporation support/explorer






            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Aug 29 at 10:12









            Jeff Schaller

            32.7k849110




            32.7k849110










            answered Aug 29 at 9:25









            Vlado

            1




            1











            • In my case, after removing those two packages (support/explorer depending on ddt-incorporation), I still get the error for other packages (pkg://solaris/library/python/pyatspi-27@2.30.0,5.11-11.4.0.0.1.9.0:20180618T175853Z), suggesting that it's not only about those packages but that we need somehow to let Solaris know about the new oracle root certificate (pkg refresh --full doesn't help).
              – Stéphane Chazelas
              Aug 29 at 10:46
















            • In my case, after removing those two packages (support/explorer depending on ddt-incorporation), I still get the error for other packages (pkg://solaris/library/python/pyatspi-27@2.30.0,5.11-11.4.0.0.1.9.0:20180618T175853Z), suggesting that it's not only about those packages but that we need somehow to let Solaris know about the new oracle root certificate (pkg refresh --full doesn't help).
              – Stéphane Chazelas
              Aug 29 at 10:46















            In my case, after removing those two packages (support/explorer depending on ddt-incorporation), I still get the error for other packages (pkg://solaris/library/python/pyatspi-27@2.30.0,5.11-11.4.0.0.1.9.0:20180618T175853Z), suggesting that it's not only about those packages but that we need somehow to let Solaris know about the new oracle root certificate (pkg refresh --full doesn't help).
            – Stéphane Chazelas
            Aug 29 at 10:46




            In my case, after removing those two packages (support/explorer depending on ddt-incorporation), I still get the error for other packages (pkg://solaris/library/python/pyatspi-27@2.30.0,5.11-11.4.0.0.1.9.0:20180618T175853Z), suggesting that it's not only about those packages but that we need somehow to let Solaris know about the new oracle root certificate (pkg refresh --full doesn't help).
            – Stéphane Chazelas
            Aug 29 at 10:46

















             

            draft saved


            draft discarded















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f465416%2fsolaris-wont-update-because-ddt-incorporation-is-using-a-self-signed-certifcate%23new-answer', 'question_page');

            );

            Post as a guest













































































            Popular posts from this blog

            How to check contact read email or not when send email to Individual?

            Displaying single band from multi-band raster using QGIS

            How many registers does an x86_64 CPU actually have?