The following error occurs when a certificate in the chain of trust is missing or otherwise erroneous.
pkg install: The certificate which issued this certificate: /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch1_ta3/emailAddress=cs1_ch1_ta3 could not be found. The issuer is: /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_ta3/emailAddress=ch1_ta3 The package involved is: pkg://test/[email protected],5.11-0:20110919T184152Z
In this example, there were three certificates in the chain of trust when the package was signed. The chain of trust was rooted in the trust anchor, a certificate named ta3. The ta3 certificate signed a chain certificate named ch1_ta3, and ch1_ta3 signed a code signing certificate named cs1_ch1_ta3.
When the pkg command tried to install the package, it was able to locate the code signing certificate, cs1_ch1_ta3, but could not locate the chain certificate, ch1_ta3, so the chain of trust could not be established.
The most common cause of this problem is failing to provide the correct certificates to the -i option of pkgsign.