Hi,
I am trying to sign the VIB pakage.
On Execution of the vibuthor following command I am keep getting an error :- "The VIB acceptance level (certified) doesn't match the signing certificate"
workbench:/opt/vmware # ./vibtools-5.5.0-1331820/bin/vibauthor --sign -v /tmp/kronos_drivers_signed/192/scsi-stec-s1120-2.2.1.0192-1OEM.500.0.0.472560.x86_64.vib --key ~/.ssh/id_rsa --cert /tmp/e/server.crt
The VIB acceptance level (certified) doesn't match the signing certificate
workbench:/opt/vmware #
Can someone help me to figure out what I am doing wrong ?
Thanks,
Royy
Hi
Just check the acceptance level of your vib.
If it is a custom vib,the acceptance level should be VMWare accepted or above.
-SatyS
Hi,
Thanks for the reply.
I checked the acceptance level in descriptor.xml file it has :- <acceptance-level>certified</acceptance-level>
It is custom vib with acceptance level is Vmware Certified.
Is there something else I am missing ?
Thanks,
Royy
Vibs with VMware Certified,VMwareAccepted and PartnerSupported levels must be signed with aprivate key, and the certificate corresponding to that private key must be included in the signature data. VIBs
with acceptance levels that require signing must have a valid signature in addition to being signed by a trusted authority.
Just have a look at this
Hope it helps.
-SatyS
Hi,
Thanks for the link.I followed the link ad read the document.
The documents says that I should use my private key to create a certificate. I did follow the following link to create the certificate from private key (http://stackoverflow.com/questions/15571815/how-to-generate-a-private-key-certificate-using-keytool?...).
But Looks like error still exists :-
workbench:~/x509cert #
workbench:~/x509cert # vibauthor --sign -v /root/iovp55/work/kronos_drivers_signed/192/scsi-stec-s1120-2.2.1.0192-1OEM.500.0.0.472560.x86_64.vib --key ~/.ssh/id_rsa --cert ./id_rsa.crt
ck : tmpvibName /root/iovp55/work/kronos_drivers_signed/192/scsi-stec-s1120-2.2.1.0192-1OEM.500.0.0.472560.x86_64.vib.signed
The VIB acceptance level (certified) doesn't match the signing certificate
workbench:~/x509cert #
My vib is not signed and it does have Acceptance level set to Certified :-
**** Info for VIB: 192/scsi-stec-s1120-2.2.1.0192-1OEM.500.0.0.472560.x86_64.vib ****
VIB Format: 2.0.0
VIB ID: Stec_bootbank_scsi-stec-s1120_2.2.1.0192-1OEM.500.0.0.472560
VIB Type: bootbank
Name: scsi-stec-s1120
Version: 2.2.1.0192-1OEM.500.0.0.472560
Vendor: Stec
Summary: stec_s1120: scsi driver for VMware ESX
Description: STEC S1120 PCIe/SCSI ESX Driver
Creation Date: 2013-11-28 12:16:26.123766+00:00
Provides:
scsi-stec-s1120 = 2.2.1.0192-1OEM.500.0.0.472560
Depends:
vmkapi_2_0_0_0
com.vmware.driverAPI-9.2.0.0
Conflicts:
Replaces:
scsi-stec-s1120 << 2.2.1.0192-1OEM.500.0.0.472560
Software Tags: ['driver', 'module']
MaintenanceMode: remove/update: True, installation: True
Signed: False
AcceptanceLevel: certified
LiveInstallAllowed: False
LiveRemoveAllowed: False
CimomRestart: False
StatelessReady: True
Overlay: False
Payloads:
Name Type Boot Size Checksums
scsi-ste vgz 0 37171 sha-256 ebf018f0cfbdfdb4d29949b84c9e2e08513e531288535c8bc7d14f26055ba034
sha-1 83a195554626bfee7b05ea61a580b1c23266ce6e
workbench:~/x509cert #
P.S. I am trying to sign the my .vib on the workbench with workbench's private key.
Regards,
Royy