SSL certificate management/storage
Nalin Dahyabhai
nalin at redhat.com
Fri Feb 4 23:33:18 UTC 2005
On Fri, Feb 04, 2005 at 04:25:12PM +0000, Joe Orton wrote:
> 3. increasing number of daemon packages are creating self-signed
> certs in %post scripts; could/should this be unified?
Whatever process (right now, I think it's usually a shell snippet we
copy from %post to %post) we use for generating them could definitely
stand to be cleaned up.
Those self-signed certificiates are becoming less and less useful as
applications move toward properly verifying certificates. Factoring
that shared %post chunk down to a single command would at least make it
easier to change what happens later on, if/when a better option becomes
available.
Cheers,
Nalin
More information about the fedora-devel-list
mailing list