On 08/23/2010 09:39 AM, Bryan Kearney wrote:
On 08/23/2010 10:00 AM, Jeff Ortel wrote:All, I propose we move to combining the private key and certificates into a single PEM encoded file. This is a very common practice in PKI. It seems cleaner and would require less files to manage. I verified that having the key and cert combined in a single file is supported by both yum and M2Crypto. Moving to the combined file would reduce the number of CLI arguments and allow us to store (1) certificate property in each Repo object. Thoughts? Objections?Would you do this across all certs (identity, entitlement, content)?
Yes, I would like to.Also, we agreed (at one time) to refit RHSM to combine the certificates. I still intend to follow up on that as well. That way for kalpana, we'll be handling keys and certificates the same way across the board.
Description: S/MIME Cryptographic Signature