On 3/08/09 06:08 PM, Scott Rotondo wrote: > Darren Reed wrote: >> On 3/08/09 06:03 PM, Scott Rotondo wrote: >>> Darren Reed wrote: >>>> Every now and then, I bfu a system and thereafter receive lots >>>> of crypto messages on the console. In this case, the path to >>>> trouble was "jumpstart install, bfu, create zone, boot zone" >>>> (shared is a zone with a shared IP instance.) What did I do >>>> to deserve this? >>>> >>>> Is there some master switch I can throw once and for all and >>>> turn these messages off? >>>> >>>> Darren >>> >>> You're building without usr/closed, I presume. I think your only >>> good alternative is to install the closed bins after you bfu. >> >> Building with usr/closed - it is not possible to build without it. >> >> Darren >> > > Then it's not clear to me why you're getting the errors you are. Does > elfsign verify show that the crypto modules are really not signed > (with any key/cert pair)?
Is this what you mean? # elfsign verify pkcs11_softtoken.so elfsign: verification of pkcs11_softtoken.so failed. # elfsign list -f signer -e pkcs11_softtoken.so O=Sun Microsystems Inc, OU=Corporate Object Signing, OU=Solaris Cryptographic Framework, CN=Solaris INTERNAL DEVELOPMENT USE ONLY # elfsign list -f subject -e pkcs11_softtoken.so # elfsign list -f issuer -e pkcs11_softtoken.so # elfsign list -f format -e pkcs11_softtoken.so rsa_sha1 # elfsign list -f time -e pkcs11_softtoken.so Mon Aug 03 17:25:42 2009 Darren
